Applying the physics of notation to the evaluation of a security and privacy requirements engineering methodology
Information and Computer Security
ISSN: 2056-4961
Article publication date: 8 October 2018
Issue publication date: 8 October 2018
Abstract
Purpose
The purpose of this study is the analysis of a security and privacy requirements engineering methodology. Such methodologies are considered an important part of systems’ development process when they contain and process a large amount of critical information, and thus need to remain secure and ensure privacy.
Design/methodology/approach
These methodologies provide techniques, methods and norms for tackling security and privacy issues in information systems. In this process, the utilisation of effective, clear and understandable modelling languages with sufficient notation is of utmost importance, as the produced models are used not only among IT experts or among security specialists but also for communication among various stakeholders, in business environments or among novices in an academic environment.
Findings
The qualitative analysis revealed a partial satisfaction of these principles.
Originality/value
This paper evaluates the effectiveness of a security and privacy requirements engineering methodology, namely, Secure Tropos, on the nine principles of the theory of notation.
Keywords
Citation
Diamantopoulou, V. and Mouratidis, H. (2018), "Applying the physics of notation to the evaluation of a security and privacy requirements engineering methodology", Information and Computer Security, Vol. 26 No. 4, pp. 382-400. https://doi.org/10.1108/ICS-12-2017-0087
Publisher
:Emerald Publishing Limited
Copyright © 2018, Emerald Publishing Limited