| With the continuous development of computer software application, software security has become the focus of various industries. Considering and solving software security problems in the requirements phase of software development which have important theoretical and engineering value to reduce software development costs and improve software quality.Security requirements for method is the basis and critical for security requirements engineering. Proposed a security requirement method based on security knowledge. The method builds a scalable,reusable security knowledge database. Then analyzes the system's assets from application functional requirements and matches them in the knowledge base. Finally, with the combination of Common Criteria, a unified approach of eliciting security requirements was formed. In order to fulfill the proposed method, design and implement a tool platform of security requirements. An example was explained by this method to show its effectiveness and practical.The method and platform tool can effectively assist security personnel to improve the quality and efficiency of security requirements, and has a certain breadth and authority. The generated security requirements document has a good guide for the promotion of software security. |
PDF Full Text Request