
2021 | Original Paper | Book Chapter

11. Enriching Financial Software Requirements Concerning Privacy and Security Aspects: A Semiotics Based Approach

Authors: Leonardo Manoel Mendes, Ferrucio de Franco Rosa, Rodrigo Bonacin

Published in: ITNG 2021 18th International Conference on Information Technology-New Generations

Publisher: Springer International Publishing


Abstract

Enriching software requirements with key security and privacy features requires professionals who know requirements elicitation techniques grounded in systematic processes and methods. We propose the Software Requirements Analysis Method for Improvement of Privacy and Security (SRAM-PS), which is based on concepts and techniques from Organizational Semiotics and on the analysis of information security and data privacy standards. SRAM-PS is a seven-step systematic approach in which an input set of software requirements is analyzed, processed, and then enriched with new security and privacy requirements. A case study with 4 experts was carried out in which SRAM-PS was applied to a real-world scenario: a bank sends a financial transaction receipt containing the customer's personal data over the Internet. SRAM-PS is aimed at researchers and engineers who analyze and specify software requirements and need to systematize their methods and techniques.


Metadata
Title
Enriching Financial Software Requirements Concerning Privacy and Security Aspects: A Semiotics Based Approach
Authors
Leonardo Manoel Mendes
Ferrucio de Franco Rosa
Rodrigo Bonacin
Copyright year
2021
DOI
https://doi.org/10.1007/978-3-030-70416-2_11