{"id":"https://openalex.org/W2055156045","doi":"https://doi.org/10.1145/1558607.1558681","title":"Towards usable cyber security requirements","display_name":"Towards usable cyber security requirements","publication_year":2009,"publication_date":"2009-04-13","ids":{"openalex":"https://openalex.org/W2055156045","doi":"https://doi.org/10.1145/1558607.1558681","mag":"2055156045"},"language":"en","primary_location":{"id":"doi:10.1145/1558607.1558681","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1558607.1558681","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5027362913","display_name":"Jose Romero-Mariona","orcid":null},"institutions":[{"id":"https://openalex.org/I2803209242","display_name":"University of California System","ror":"https://ror.org/00pjdza24","country_code":"US","type":"education","lineage":["https://openalex.org/I2803209242"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jose Romero-Mariona","raw_affiliation_strings":["University of California"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California","institution_ids":["https://openalex.org/I2803209242"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5061082603","display_name":"Hadar Ziv","orcid":"https://orcid.org/0009-0000-2391-4196"},"institutions":[{"id":"https://openalex.org/I2803209242","display_name":"University of California System","ror":"https://ror.org/00pjdza24","country_code":"US","type":"education","lineage":["https://openalex.org/I2803209242"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hadar Ziv","raw_affiliation_strings":["University of California"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California","institution_ids":["https://openalex.org/I2803209242"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5057690857","display_name":"Debra J. Richardson","orcid":"https://orcid.org/0000-0002-8202-9274"},"institutions":[{"id":"https://openalex.org/I2803209242","display_name":"University of California System","ror":"https://ror.org/00pjdza24","country_code":"US","type":"education","lineage":["https://openalex.org/I2803209242"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Debra J. Richardson","raw_affiliation_strings":["University of California"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California","institution_ids":["https://openalex.org/I2803209242"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5015615108","display_name":"Dennis Bystritsky","orcid":null},"institutions":[{"id":"https://openalex.org/I2803209242","display_name":"University of California System","ror":"https://ror.org/00pjdza24","country_code":"US","type":"education","lineage":["https://openalex.org/I2803209242"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dennis Bystritsky","raw_affiliation_strings":["University of California"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California","institution_ids":["https://openalex.org/I2803209242"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.14107584,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"4"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.7607600092887878},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7184910178184509},{"id":"https://openalex.org/keywords/usable","display_name":"USable","score":0.6553506851196289},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6180163621902466},{"id":"https://openalex.org/keywords/harm","display_name":"Harm","score":0.46943071484565735},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.4624377191066742},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.4604199230670929},{"id":"https://openalex.org/keywords/requirements-analysis","display_name":"Requirements analysis","score":0.4460679292678833},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.4433360993862152},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.4243074059486389},{"id":"https://openalex.org/keywords/system-requirements","display_name":"System requirements","score":0.41989046335220337},{"id":"https://openalex.org/keywords/order","display_name":"Order (exchange)","score":0.4187890589237213},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.4179970324039459},{"id":"https://openalex.org/keywords/security-engineering","display_name":"Security engineering","score":0.4146476984024048},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.4064238667488098},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.3310217559337616},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.3271481394767761},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.27428287267684937},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.08989804983139038},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.08912909030914307}],"concepts":[{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.7607600092887878},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7184910178184509},{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.6553506851196289},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6180163621902466},{"id":"https://openalex.org/C2777363581","wikidata":"https://www.wikidata.org/wiki/Q15098235","display_name":"Harm","level":2,"score":0.46943071484565735},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.4624377191066742},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.4604199230670929},{"id":"https://openalex.org/C59488412","wikidata":"https://www.wikidata.org/wiki/Q187147","display_name":"Requirements analysis","level":3,"score":0.4460679292678833},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.4433360993862152},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.4243074059486389},{"id":"https://openalex.org/C40398212","wikidata":"https://www.wikidata.org/wiki/Q2275513","display_name":"System requirements","level":2,"score":0.41989046335220337},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.4187890589237213},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.4179970324039459},{"id":"https://openalex.org/C13159133","wikidata":"https://www.wikidata.org/wiki/Q365674","display_name":"Security engineering","level":5,"score":0.4146476984024048},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.4064238667488098},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3310217559337616},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.3271481394767761},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.27428287267684937},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.08989804983139038},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.08912909030914307},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1558607.1558681","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1558607.1558681","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W2000628719","https://openalex.org/W2064880315","https://openalex.org/W2088405928","https://openalex.org/W2101195914","https://openalex.org/W2139907081","https://openalex.org/W2170569929","https://openalex.org/W4233360627","https://openalex.org/W4386644885","https://openalex.org/W6684991523"],"related_works":["https://openalex.org/W1811024770","https://openalex.org/W4230385779","https://openalex.org/W2013238834","https://openalex.org/W2542633692","https://openalex.org/W2395987867","https://openalex.org/W2031957425","https://openalex.org/W2018644264","https://openalex.org/W658105165","https://openalex.org/W2293554594","https://openalex.org/W3163146719"],"abstract_inverted_index":{"Security":[0],"has":[1,14],"become":[2],"a":[3,16,47,91],"primary":[4],"and":[5,110],"prevalent":[6],"concern":[7],"for":[8,50,75],"software":[9],"systems.":[10,38],"The":[11],"past":[12],"decade":[13],"witnessed":[15],"tremendous":[17],"increase":[18],"in":[19,58,87],"not":[20],"only":[21],"the":[22,29,44,59,80,118],"sheer":[23],"number":[24],"of":[25,46],"attacks":[26,33],"but":[27],"also":[28,72],"ease":[30],"with":[31],"which":[32],"can":[34],"be":[35,100,115],"performed":[36],"on":[37],"In":[39],"this":[40,69],"paper":[41],"we":[42],"exemplify":[43],"usage":[45,66],"novel":[48],"technique":[49,60,71],"developing":[51],"security":[52,82,113],"requirements,":[53],"by":[54],"demonstrating":[55],"each":[56],"step":[57],"when":[61],"applied":[62],"to":[63,89,102,106],"an":[64],"example":[65],"scenario.":[67],"Furthermore,":[68],"new":[70],"provides":[73],"support":[74],"deriving":[76],"testing":[77],"artifacts":[78],"from":[79],"specified":[81],"requirements.":[83,104,119],"We":[84],"believe":[85],"that":[86],"order":[88],"protect":[90],"system":[92,108],"against":[93],"harm":[94],"(intended":[95],"or":[96],"not),":[97],"attention":[98],"must":[99,114],"given":[101],"its":[103],"Similar":[105],"other":[107],"properties":[109],"quality":[111],"attributes,":[112],"considered":[116],"at":[117]},"counts_by_year":[{"year":2021,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2015,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}