计算机科学 ›› 2011, Vol. 38 ›› Issue (5): 14-19.
• 综述 • 上一篇 下一篇
金英,刘鑫,张晶
出版日期:
发布日期:
基金资助:
JIN Ying,LIU Xin,ZHANG Jing
Online:
Published:
摘要: 近年来,软件主动式防御思想在软件安全性保障中的地位越来越高,它是一种积极的保障软件安全性的思想,可有效地构建高可信性软件。安全需求的获取是软件安全性保障中最关键的部分,是主动式防御首要完成的任务并且也是最难完成的部分。针对典型的安全需求获取方法,从它们的研究途径、应用情况等方面进行比较和分析,总结并讨论了安全需求获取方法的状况及其未来的发展趋势。上述工作将对安全需求获取方法的研究和实践应用提供有益参考。
关键词: 软件安全性,主动式防御,安全需求,威胁
Abstract: Recently more and more attention has been paid to use active defense in software security because it provides a positive way to guarantee software security and effectively construct high-confidential software. Security requirements were critical to software security assurance. Eliciting security requirements was one of major and difficult tasks during the security assurance. Some typical methods about eliciting security requirements were studied, compared and analyzed with respect to their research methods, application, etc. The current status of different approaches to security requirements elicitation were summarized, and future trends were explored in the end. The above work will provide a valuable reference for carrying out research and application in security requirement engineering.
Key words: Software security,Active defense,Security rectuirements,Threat
金英,刘鑫,张晶. 软件安全需求获取方法的研究[J]. 计算机科学, 2011, 38(5): 14-19. https://doi.org/
JIN Ying,LIU Xin,ZHANG Jing. Research on Eliciting Security Requirement Methods[J]. Computer Science, 2011, 38(5): 14-19. https://doi.org/
0 / / 推荐
导出引用管理器 EndNote|Reference Manager|ProCite|BibTeX|RefWorks
链接本文: https://www.jsjkx.com/CN/
https://www.jsjkx.com/CN/Y2011/V38/I5/14
Cited
首页