Concurrent Consideration of Technical and Human Aspects in Security Requirements Engineering
DOI: https://doi.org/10.31449/inf.v48i2.5945
Abstract
This article is an extended abstract of the doctoral dissertation entitled “Tailoring security-related software and training requirements to users based on their categorization” (Fujs, 2024). Security has traditionally been ensured by technical solutions in the concluding stages of software development. The fact that security is considered an additional function means that a vulnerability is fixed with security patches as soon as it occurs. However, the importance of human factors is increasingly being recognized, as technical solutions alone are not enough to close security gaps. To address this shortcoming, we proposed an approach that simultaneously addresses both technical and human aspects, starting in the initial stages of software development.
References
Fujs, D. (2024). Tailoring security-related software and training requirements to users based on their categorization [Doctoral dissertation]. Repository of the University of Ljubljana.
Fujs, D., Vrhovec, S., & Vavpotič, D. (2023). Balancing software and training requirements for information security. Computers & Security, 134, 103467.
Wiley, A., McCormac, A., & Calic, D. (2020). More than the individual: Examining the relationship between culture and Information Security Awareness. Computers & Security, 88, 101640.
European Union Agency for Cybersecurity, Svetozarov Naydenov, R., Malatras, A., Lella, I., Theocharidou, M., Ciobanu, C., & Tsekmezoglou, E. (2022). ENISA threat landscape 2022: July 2021 to July 2022. https://data.europa.eu/doi/10.2824/764318
Copyright © Slovenian Society Informatika