@inproceedings{781489dbede44ff28715a6499ba6496d,
title = "Risk-Based Security Requirements Model for Web Software",
abstract = "With the proliferation of software vulnerabilities, tools are need to aid developers in infusing security requirements. This work introduces a risk-based security requirements model (RBSR) for web applications. With RBSR, security requirements for mitigating vulnerabilities are associated with weaknesses and risks. Events in the application's functional requirements are also associated with risks. The functional requirements thus acquire the relevant security requirements. RBSR makes it possible to specify security requirements completely and consistently across use cases. The RBSR model is explained and a case study application is used to demonstrate the model.",
keywords = "Requirements Engineering, Security, Vulnerability",
author = "Onyeka Ezenwoye and Yi Liu",
note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 30th IEEE International Requirements Engineering Conference Workshops, REW 2022 ; Conference date: 15-08-2022 Through 19-08-2022",
year = "2022",
doi = "10.1109/REW56159.2022.00051",
language = "English (US)",
series = "Proceedings of the IEEE International Conference on Requirements Engineering",
publisher = "IEEE Computer Society",
pages = "232--237",
editor = "Eric Knauss and Gunter Mussbacher and Chetan Arora and Muneera Bano and Jean-Guy Schneider",
booktitle = "Proceedings - 30th IEEE International Requirements Engineering Conference Workshops, REW 2022",
}