Using a Security Requirements Engineering Methodology in Practice: the compliance with the Italian Data Protection Legislation

 
EPrints.org
Agentlink Clearinghouse is powered by GNU EPrints developed by the School of Electronics and Computer Science of the University of Southampton.
Type: Article

Massacci, F. and Prest, M. and Zannone, N. (2005) Using a Security Requirements Engineering Methodology in Practice: the compliance with the Italian Data Protection Legislation. Computer Standards & Interfaces.

This is the latest version of this eprint.

Full text not available from this archive.

Abstract

Extending Requirements Engineering modelling and formal analysis methodologies to cope with Security Requirements has been a major effort in the past decade. Yet, only few works describe complex case studies that show the ability of the informal and formal approaches to cope with the level complexity required by compliance with ISO-17799 security management requirements. In this paper we present a comprehensive case study of the application of the Secure Tropos RE methodology for the compliance to the Italian legislation on Privacy and Data Protection by the University of Trento, leading to the definition and analysis of a ISO-17799-like security management scheme.

Deposited by Nicola Zannone on 26 February 2005

Available Versions of this Item

  • Using a Security Requirements Engineering Methodology in Practice: the compliance with the Italian Data Protection Legislation (deposited 26 February 2005) [Currently Displayed]

Archive Staff Only: edit this record

   

AgentLink is the European Commission's IST-funded Coordination Action for Agent-Based Computing
and is coordinated by the
University of Liverpool and University of Southampton
If you encounter any problems with these pages please contact web@agentlink.org.