Concurrent Consideration of Technical and Human Aspects in Security Requirements Engineering

Abstract

This article is an extended abstract of the doctoral dissertation entitled “Tailoring security-related software and training requirements to users based on their categorization” (Fujs, 2024). Security has traditionally been ensured by technical solutions in the concluding stages of software development. The fact that security is considered an additional function means that a vulnerability is fixed with security patches as soon as it occurs. However, the importance of human factors is increasingly being recognized, as technical solutions alone are not enough to close security gaps. In order to address this shortcoming, we proposed an approach that simultaneously addresses technical as well as human aspects - already in the initial stages of software development.

References

Fujs, D. (2024). Tailoring security-related software and training requirements to users based on their categorization [Doctoral dissertation]. Repository of the University of Ljubljana.

Fujs, D., Vrhovec, S., & Vavpotič, D. (2023). Balancing software and training requirements for information security. Computers & security, 134, 103467.

Wiley, A., McCormac, A., & Calic, D. (2020). More than the individual: Examining the relationship between culture and Information Security Awareness. Computers & Security, 88, 101640.

European Union Agency for Cybersecurity, Svetozarov Naydenov, R., Malatras, A., Lella, I., Theocharidou, M., Ciobanu, C., Tsekmezoglou, E. (2022). ENISA threat landscape 2022 : July 2021 to July 2022. https://data.europa.eu/doi/10.2824/764318.

Authors

  • Damjan Fujs University of Ljubljana, Faculty of Computer and Information Science

DOI:

https://doi.org/10.31449/inf.v48i2.5945

Downloads

Published

06/26/2024

How to Cite

Fujs, D. (2024). Concurrent Consideration of Technical and Human Aspects in Security Requirements Engineering. Informatica, 48(2). https://doi.org/10.31449/inf.v48i2.5945

Issue

Vol. 48 No. 2 (2024)

Section

Thesis summary

License

Authors retain copyright in their work. By submitting to and publishing with Informatica, authors grant the publisher (Slovene Society Informatika) the non-exclusive right to publish, reproduce, and distribute the article and to identify itself as the original publisher.

All articles are published under the Creative Commons Attribution license CC BY 3.0. Under this license, others may share and adapt the work for any purpose, provided appropriate credit is given and changes (if any) are indicated.

Authors may deposit and share the submitted version, accepted manuscript, and published version, provided the original publication in Informatica is properly cited.