Una evaluación a los métodos para elicitar requisitos de seguridad
Utilizar un método de elicitación puede ayudar para la especificación de un conjunto coherente y completo derequisitos de seguridad. Sin embargo, usualmente, los métodos comunes utilizados para elicitar requisitos funcionales no se orientan a requisitos de seguridad, por lo cual, el conjunto resulta...
- Autores:
-
Estella Periutella W., Marina Torrente A.
- Tipo de recurso:
- Article of journal
- Fecha de publicación:
- 2011
- Institución:
- Universidad de San Buenaventura
- Repositorio:
- Repositorio USB
- Idioma:
- spa
- OAI Identifier:
- oai:bibliotecadigital.usb.edu.co:10819/27281
- Acceso en línea:
- https://hdl.handle.net/10819/27281
https://doi.org/10.21500/20275846.258
- Palabra clave:
- Elicitación de requisitos
requisitos de seguridad
método. Requirements elicitation
security requirements
method.
- Rights
- openAccess
- License
- Revista Ingenierias USBmed - 2015
| id |
SANBUENAV2_0d51ebf8500621715eee0c99c40d75a3 |
|---|---|
| oai_identifier_str |
oai:bibliotecadigital.usb.edu.co:10819/27281 |
| network_acronym_str |
SANBUENAV2 |
| network_name_str |
Repositorio USB |
| repository_id_str |
|
| dc.title.spa.fl_str_mv |
Una evaluación a los métodos para elicitar requisitos de seguridad |
| dc.title.translated.eng.fl_str_mv |
Una evaluación a los métodos para elicitar requisitos de seguridad |
| title |
Una evaluación a los métodos para elicitar requisitos de seguridad |
| spellingShingle |
Una evaluación a los métodos para elicitar requisitos de seguridad Elicitación de requisitos requisitos de seguridad método. Requirements elicitation security requirements method. |
| title_short |
Una evaluación a los métodos para elicitar requisitos de seguridad |
| title_full |
Una evaluación a los métodos para elicitar requisitos de seguridad |
| title_fullStr |
Una evaluación a los métodos para elicitar requisitos de seguridad |
| title_full_unstemmed |
Una evaluación a los métodos para elicitar requisitos de seguridad |
| title_sort |
Una evaluación a los métodos para elicitar requisitos de seguridad |
| dc.creator.fl_str_mv |
Estella Periutella W., Marina Torrente A. |
| dc.contributor.author.spa.fl_str_mv |
Estella Periutella W., Marina Torrente A. |
| dc.subject.spa.fl_str_mv |
Elicitación de requisitos requisitos de seguridad método. Requirements elicitation security requirements method. |
| topic |
Elicitación de requisitos requisitos de seguridad método. Requirements elicitation security requirements method. |
| description |
Utilizar un método de elicitación puede ayudar para la especificación de un conjunto coherente y completo derequisitos de seguridad. Sin embargo, usualmente, los métodos comunes utilizados para elicitar requisitos funcionales no se orientan a requisitos de seguridad, por lo cual, el conjunto resultante de requisitos no los incluye. En este artículo se analizan algunos métodos de elicitación de requisitos de seguridad y se presenta una propuesta para seleccionar el más adecuado; posteriormente, se seleccionan algunos métodos y se aplican a varios estudios de caso. |
| publishDate |
2011 |
| dc.date.accessioned.none.fl_str_mv |
2011-12-21T00:00:00Z 2025-08-21T22:03:47Z |
| dc.date.available.none.fl_str_mv |
2011-12-21T00:00:00Z 2025-08-21T22:03:47Z |
| dc.date.issued.none.fl_str_mv |
2011-12-21 |
| dc.type.spa.fl_str_mv |
Artículo de revista |
| dc.type.coar.fl_str_mv |
http://purl.org/coar/resource_type/c_2df8fbb1 |
| dc.type.coar.spa.fl_str_mv |
http://purl.org/coar/resource_type/c_6501 |
| dc.type.coarversion.spa.fl_str_mv |
http://purl.org/coar/version/c_970fb48d4fbd8a85 |
| dc.type.content.spa.fl_str_mv |
Text |
| dc.type.driver.spa.fl_str_mv |
info:eu-repo/semantics/article |
| dc.type.local.eng.fl_str_mv |
Journal article |
| dc.type.version.spa.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| format |
http://purl.org/coar/resource_type/c_6501 |
| status_str |
publishedVersion |
| dc.identifier.doi.none.fl_str_mv |
10.21500/20275846.258 |
| dc.identifier.eissn.none.fl_str_mv |
2027-5846 |
| dc.identifier.uri.none.fl_str_mv |
https://hdl.handle.net/10819/27281 |
| dc.identifier.url.none.fl_str_mv |
https://doi.org/10.21500/20275846.258 |
| identifier_str_mv |
10.21500/20275846.258 2027-5846 |
| url |
https://hdl.handle.net/10819/27281 https://doi.org/10.21500/20275846.258 |
| dc.language.iso.spa.fl_str_mv |
spa |
| language |
spa |
| dc.relation.bitstream.none.fl_str_mv |
https://revistas.usb.edu.co/index.php/IngUSBmed/article/download/258/172 |
| dc.relation.citationedition.spa.fl_str_mv |
Núm. 2 , Año 2011 : Ingenierías USBMed |
| dc.relation.citationendpage.none.fl_str_mv |
54 |
| dc.relation.citationissue.spa.fl_str_mv |
2 |
| dc.relation.citationstartpage.none.fl_str_mv |
48 |
| dc.relation.citationvolume.spa.fl_str_mv |
2 |
| dc.relation.ispartofjournal.spa.fl_str_mv |
Ingenierías USBMed |
| dc.relation.references.spa.fl_str_mv |
A. Hickey et al. "Requirements Elicitation Techniques: Analyzing the Gap Between Technology Availability and Technology Use". Comparative Technology Transfer and Society, Vol. 1, No. 3, pp. 279-302, 2003. A. Hickey & A. Davis. "A Unified Model of Requirements Elicitation". Journal of Management Information Systems, Vol. 20, No. 4, pp. 65-84, 2004. D. Zowghi & C. Coulin. "Requirements Elicitation: A Survey of Techniques, Approaches, and Tools". In A. Aurum & W. Claes (Eds.) Engineering and Managing Software Requirements. Heidelberg, Germany: Springer- Verlag, 2005. G. Sindre & A. L. Opdahl. "Eliciting Security Requirements by Misuse Cases". Proceedings of the 37th International Conference on Technology of Object- Oriented Languages (Tools 37-Pacific 2000). Nov. 20-23, Sydney, Australia, 2000. G. McGraw. “Software Security: Building Security In”. Boston: Addison-Wesley, 2006. I. Jacobson. “Object-Oriented Software Engineering: A Use Case Driven Approach”. Boston: Addison-Wesley, 1992. J. Rumbaugh. "Getting Started: Using Use Cases to Capture Requirements". Journal of Object-Oriented Programming, Vol. 7, No. 5, pp. 8-23, 1994. A. I. Anton; J. H. Dempster & D. F. Siege. "Deriving Goals from a Use Case Based Requirements Specification for an Electronic Commerce System". Proceedings of the Sixth International Workshop on Requirements Engineering: Foundation for Software Quality (REFSQ 2000). Jun 5-6, Stockholm, Sweden, 2000. P. Checkland. “Soft System Methodology in Action”. Toronto: John Wiley & Sons, 1990. Quality Function Deployment. “Frequently Asked Questions About QFD”. Online [May 2011]. Systems Designers. “CORE - The Manual”. SD-Scicon, 1986. M. Christel & K. Kang. “Issues in Requirements Elicitation”. Technical Report CMU/SEI-92-TR-012, ADA258932. Pittsburgh: Software Engineering Institute, Carnegie Mellon University, 1992. G. P. Mullery. "CORE: A Method for Controlled Requirements Specification". Proceedings of the 4th International Conference on Software Engineering (ICSE-4). Sep. 17-19, Munich, Germany, 1979. A. Finkelstein. "TARA: Tool Assisted Requirements Analysis". In P. Loucopulos & R. Zicari “Conceptual Modeling, Databases and CASE: An Integrated View of Information Systems Development”. John Wiley & Sons, 1992. W. Kunz & H. Rittel. “Issues as Elements of Information Systems”. Berkeley: Institute of Urban & Regional Development, 1970. J. Wood & D. Silver. “Joint Application Development”. New York: Wiley, 1995. K. Kang et al. “Feature-Oriented Domain Analysis Feasibility Study”. Technical Report CMU/SEI-90-TR- 021, ADA235785. Pittsburgh: Software Engineering Institute, Carnegie Mellon University, 1990. L. Kean, L. "Feature-Oriented Domain Analysis". Technical Report CMU/SEI-90-TR-21 ESD-90-TR-222. Software Engineering Institute. Carnegie Mellon University, 1997. D. Schiffrin. “Approaches to Discourse”. Blackwell Publishers Ltd, 1994. R. Alvarez. "Discourse Analysis of Requirements and Knowledge Elicitation Interviews". Proceedings of the 35th Hawaii International Conference on System Sciences (HICSS-35). Jan. 7-10, Big Island, 2002. R. Hubbard; N. Mead & C. Schroeder. "An Assessment of the Relative Efficiency of a Facilitator-Driven Requirements Collection Process with Respect to the Conventional Interview Method". Proceedings of the 4th International Conference on Requirements Engineering (ICRE'00). June 19-23, Los Alamitos, California, USA, 2000. M. Dixon. “A single CASE environment for teaching and learning”. Proceedings of the 9th annual SIGCSE conference on Innovation and technology in computer science education”. Leeds, UK, 28-30 June, 2004. |
| dc.rights.spa.fl_str_mv |
Revista Ingenierias USBmed - 2015 |
| dc.rights.accessrights.spa.fl_str_mv |
info:eu-repo/semantics/openAccess |
| dc.rights.coar.spa.fl_str_mv |
http://purl.org/coar/access_right/c_abf2 |
| dc.rights.uri.spa.fl_str_mv |
https://creativecommons.org/licenses/by-nc-sa/4.0/ |
| rights_invalid_str_mv |
Revista Ingenierias USBmed - 2015 http://purl.org/coar/access_right/c_abf2 https://creativecommons.org/licenses/by-nc-sa/4.0/ |
| eu_rights_str_mv |
openAccess |
| dc.format.mimetype.spa.fl_str_mv |
application/pdf |
| dc.publisher.spa.fl_str_mv |
Universidad San Buenaventura - USB (Colombia) |
| dc.source.spa.fl_str_mv |
https://revistas.usb.edu.co/index.php/IngUSBmed/article/view/258 |
| institution |
Universidad de San Buenaventura |
| bitstream.url.fl_str_mv |
https://bibliotecadigital.usb.edu.co/bitstreams/98321498-ba94-49da-94eb-e693f507da9b/download |
| bitstream.checksum.fl_str_mv |
481b5c53926dc9d6a205c620130f49fa |
| bitstream.checksumAlgorithm.fl_str_mv |
MD5 |
| repository.name.fl_str_mv |
Repositorio Institucional Universidad de San Buenaventura Colombia |
| repository.mail.fl_str_mv |
bdigital@metabiblioteca.com |
| _version_ |
1851053508604723200 |
| spelling |
Estella Periutella W., Marina Torrente A.2011-12-21T00:00:00Z2025-08-21T22:03:47Z2011-12-21T00:00:00Z2025-08-21T22:03:47Z2011-12-21Utilizar un método de elicitación puede ayudar para la especificación de un conjunto coherente y completo derequisitos de seguridad. Sin embargo, usualmente, los métodos comunes utilizados para elicitar requisitos funcionales no se orientan a requisitos de seguridad, por lo cual, el conjunto resultante de requisitos no los incluye. En este artículo se analizan algunos métodos de elicitación de requisitos de seguridad y se presenta una propuesta para seleccionar el más adecuado; posteriormente, se seleccionan algunos métodos y se aplican a varios estudios de caso.application/pdf10.21500/20275846.2582027-5846https://hdl.handle.net/10819/27281https://doi.org/10.21500/20275846.258spaUniversidad San Buenaventura - USB (Colombia)https://revistas.usb.edu.co/index.php/IngUSBmed/article/download/258/172Núm. 2 , Año 2011 : Ingenierías USBMed542482Ingenierías USBMedA. Hickey et al. "Requirements Elicitation Techniques: Analyzing the Gap Between Technology Availability and Technology Use". Comparative Technology Transfer and Society, Vol. 1, No. 3, pp. 279-302, 2003.A. Hickey & A. Davis. "A Unified Model of Requirements Elicitation". Journal of Management Information Systems, Vol. 20, No. 4, pp. 65-84, 2004.D. Zowghi & C. Coulin. "Requirements Elicitation: A Survey of Techniques, Approaches, and Tools". In A. Aurum & W. Claes (Eds.) Engineering and Managing Software Requirements. Heidelberg, Germany: Springer- Verlag, 2005.G. Sindre & A. L. Opdahl. "Eliciting Security Requirements by Misuse Cases". Proceedings of the 37th International Conference on Technology of Object- Oriented Languages (Tools 37-Pacific 2000). Nov. 20-23, Sydney, Australia, 2000.G. McGraw. “Software Security: Building Security In”. Boston: Addison-Wesley, 2006.I. Jacobson. “Object-Oriented Software Engineering: A Use Case Driven Approach”. Boston: Addison-Wesley, 1992.J. Rumbaugh. "Getting Started: Using Use Cases to Capture Requirements". Journal of Object-Oriented Programming, Vol. 7, No. 5, pp. 8-23, 1994.A. I. Anton; J. H. Dempster & D. F. Siege. "Deriving Goals from a Use Case Based Requirements Specification for an Electronic Commerce System". Proceedings of the Sixth International Workshop on Requirements Engineering: Foundation for Software Quality (REFSQ 2000). Jun 5-6, Stockholm, Sweden, 2000.P. Checkland. “Soft System Methodology in Action”. Toronto: John Wiley & Sons, 1990.Quality Function Deployment. “Frequently Asked Questions About QFD”. Online [May 2011].Systems Designers. “CORE - The Manual”. SD-Scicon, 1986.M. Christel & K. Kang. “Issues in Requirements Elicitation”. Technical Report CMU/SEI-92-TR-012, ADA258932. Pittsburgh: Software Engineering Institute, Carnegie Mellon University, 1992.G. P. Mullery. "CORE: A Method for Controlled Requirements Specification". Proceedings of the 4th International Conference on Software Engineering (ICSE-4). Sep. 17-19, Munich, Germany, 1979.A. Finkelstein. "TARA: Tool Assisted Requirements Analysis". In P. Loucopulos & R. Zicari “Conceptual Modeling, Databases and CASE: An Integrated View of Information Systems Development”. John Wiley & Sons, 1992.W. Kunz & H. Rittel. “Issues as Elements of Information Systems”. Berkeley: Institute of Urban & Regional Development, 1970.J. Wood & D. Silver. “Joint Application Development”. New York: Wiley, 1995.K. Kang et al. “Feature-Oriented Domain Analysis Feasibility Study”. Technical Report CMU/SEI-90-TR- 021, ADA235785. Pittsburgh: Software Engineering Institute, Carnegie Mellon University, 1990.L. Kean, L. "Feature-Oriented Domain Analysis". Technical Report CMU/SEI-90-TR-21 ESD-90-TR-222. Software Engineering Institute. Carnegie Mellon University, 1997.D. Schiffrin. “Approaches to Discourse”. Blackwell Publishers Ltd, 1994.R. Alvarez. "Discourse Analysis of Requirements and Knowledge Elicitation Interviews". Proceedings of the 35th Hawaii International Conference on System Sciences (HICSS-35). Jan. 7-10, Big Island, 2002.R. Hubbard; N. Mead & C. Schroeder. "An Assessment of the Relative Efficiency of a Facilitator-Driven Requirements Collection Process with Respect to the Conventional Interview Method". Proceedings of the 4th International Conference on Requirements Engineering (ICRE'00). June 19-23, Los Alamitos, California, USA, 2000.M. Dixon. “A single CASE environment for teaching and learning”. Proceedings of the 9th annual SIGCSE conference on Innovation and technology in computer science education”. Leeds, UK, 28-30 June, 2004.Revista Ingenierias USBmed - 2015info:eu-repo/semantics/openAccesshttp://purl.org/coar/access_right/c_abf2https://creativecommons.org/licenses/by-nc-sa/4.0/https://revistas.usb.edu.co/index.php/IngUSBmed/article/view/258Elicitación de requisitosrequisitos de seguridadmétodo. Requirements elicitationsecurity requirementsmethod.Una evaluación a los métodos para elicitar requisitos de seguridadUna evaluación a los métodos para elicitar requisitos de seguridadArtículo de revistahttp://purl.org/coar/resource_type/c_6501http://purl.org/coar/resource_type/c_2df8fbb1http://purl.org/coar/version/c_970fb48d4fbd8a85Textinfo:eu-repo/semantics/articleJournal articleinfo:eu-repo/semantics/publishedVersionPublicationOREORE.xmltext/xml2523https://bibliotecadigital.usb.edu.co/bitstreams/98321498-ba94-49da-94eb-e693f507da9b/download481b5c53926dc9d6a205c620130f49faMD5110819/27281oai:bibliotecadigital.usb.edu.co:10819/272812025-08-21 17:03:47.184https://creativecommons.org/licenses/by-nc-sa/4.0/https://bibliotecadigital.usb.edu.coRepositorio Institucional Universidad de San Buenaventura Colombiabdigital@metabiblioteca.com |