| 软件安全需求获取方法的研究 |
| |
| 引用本文: | 金英,刘鑫,张晶.软件安全需求获取方法的研究[J].计算机科学,2011,38(5):14-19. |
| |
| 作者姓名: | 金英 刘鑫 张晶 |
| |
| 作者单位: | 吉林大学计算机科学与技术学院,长春,130012 |
| |
| 基金项目: | 本文受国家“863”高技术研究发展计划专题课题(2007AA01Z123),国家自然科学基金青年基金(60603031),吉林大学科学前沿与交义学科创新项目(200903193)资助。 |
| |
| 摘 要: | 近年来,软件主动式防御思想在软件安全性保障中的地位越来越高,它是一种积极的保障软件安全性的思想,可有效地构建高可信性软件。安全需求的获取是软件安全性保障中最关键的部分,是主动式防御首要完成的任务并且也是最难完成的部分。针对典型的安全需求获取方法,从它们的研究途径、应用情况等方面进行比较和分析,总结并讨论了安全需求获取方法的状况及其未来的发展趋势。上述工作将对安全需求获取方法的研究和实践应用提供有益参考。
|
| 关 键 词: | 软件安全性,主动式防御,安全需求,威胁 |
Research on Eliciting Security Requirement Methods |
| |
| JIN Ying,LIU Xin,ZHANG Jing.Research on Eliciting Security Requirement Methods[J].Computer Science,2011,38(5):14-19. |
| |
| Authors: | JIN Ying LIU Xin ZHANG Jing |
| |
| Affiliation: | (College of Computer Science and Technology, Jilin University, Changchun 130012,China) |
| |
| Abstract: | Recently more and more attention has been paid to use active defense in software security because it provides a positive way to guarantee software security and effectively construct high-confidential software. Security requirements were critical to software security assurance. Eliciting security requirements was one of major and difficult tasks during the security assurance. Some typical methods about eliciting security requirements were studied, compared and analyzed with respect to their research methods, application, etc. The current status of different approaches to security requirements elicitation were summarized, and future trends were explored in the end. The above work will provide a valuable reference for carrying out research and application in security requirement engineering. |
| |
| Keywords: | Software security Active defense Security rectuirements Threat |
| 本文献已被 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
|
