A Goal based Framework by adopting SQUARE Process for Privacy and Security Requirement Engineering

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Year of Publication: 2017
Baber Hayat, Ribha Shakoor, Sahrish Mubarak, Komal Basharat

Baber Hayat, Ribha Shakoor, Sahrish Mubarak and Komal Basharat. A Goal based Framework by adopting SQUARE Process for Privacy and Security Requirement Engineering. International Journal of Computer Applications 169(11):31-34, July 2017. BibTeX

	author = {Baber Hayat and Ribha Shakoor and Sahrish Mubarak and Komal Basharat},
	title = {A Goal based Framework by adopting SQUARE Process for Privacy and Security Requirement Engineering},
	journal = {International Journal of Computer Applications},
	issue_date = {July 2017},
	volume = {169},
	number = {11},
	month = {Jul},
	year = {2017},
	issn = {0975-8887},
	pages = {31-34},
	numpages = {4},
	url = {http://www.ijcaonline.org/archives/volume169/number11/28030-2017914873},
	doi = {10.5120/ijca2017914873},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}


Identifying, categorizing and prioritizing requirements in terms of privacy and security is the main concern for software developers. Privacy requirement gathering is remain the challenge for software engineers for distributed and complex software. Privacy and security requirement engineering is important step in building these software systems. For this different privacy requirement engineering approaches has been proposed such as security quality requirement engineering (SQUARE) which provide a step for elicitation of requirements in terms of privacy. The purpose of this paper is to support the requirement engineers by modifying the SQUARE approach by providing a process of analysis and evaluate the goal based assets with a framework to identify security goals in accordance to the privacy and security requirements both.


  1. A. Souag, R. Mazo, C. Salinesi and I. Comyn-Wattiau, "Reusable knowledge in security requirements engineering: a systematic mapping study", Requirements Engineering, vol. 21, pp. 251-283, 2015.
  2. A. Bisjwe, N. R. Mead, “Adapting the SQUARE Process for Privacy Requirement Engineering”, July 2010.
  3. M. Riaz, J. Stallings, M. P. Singh, J. Slankas, L. Williams, “DIGS-A Framework for Discovering Goals for Security Requirement Engineeing”, Empirical Software Engineering and Measurement, Sept. 2013.
  4. G. S. Walia, J. C. Carver, “A systematic literature review to identify and classify software requirement errors”, Information and Software Technology, vol. 51, Issue. 7, pp. 1087-1109, July 2009.
  5. Q. He and A. I. Anton, “A Framework for Modeling Privacy Requirement in Role Engineering”.
  6. A. I. Anton and C. Potts, “The Use of Goals to Surface Requirements for Evolving Systems”, Proceedings of the 20th International Conference on Software Engineering, pp.157–166, April 1998.
  7. N.R. Mead, E. D. Houg and T. R. Stehney. “Security Quality Requirements Engineering (SQUARE) Methodology”, Software Engineering Institute, 2005.
  8. M. Riaz, J. King, J. Slankas and L. Williams. “ Hidden in plain sight: Automatically identifying security requirements from natural language artifacts”, 22nd International Requirements Engineering Conference (RE), pp. 183–192, 2014.
  9. M. Schumacher, E. Fernandez-Buglioni, D. Hyberston, F. Buschmann and P. Sommerlad, “Security Patterns: Integrating Security and Systems Engineering”, 2006.
  10. D. Firesmith, “Specifying Reusable Security Requirements”, Journal of Object Technology, vol. 3, 2004.
  11. N. Mead, “SQUARE Process”, Software Engineering Institute, Jan 2006.
  12. R. Hubbard, N. Mead and C. Schroeder, “An Assessment of the Relative Efficiency of a Facilitator-Driven Requirements Collection Process with Respect to the Conventional Interview Method.” Proceedings of the International Conference on Requirements Engineering, June 2000.
  13. P. Salini, S. Kanmani, “Security Requirement Engineering Process for Web Application”, Procedia Engineering, vol. 38, pp. 2799-2807, 2012.
  14. K. Joachim. “Software Requirements Prioritizing”, Proceedings of the Interna-tional Conference on Requirements Engineering (ICRE ‟96), pp. 110-116, April 1996.
  15. K. Joachim & R. Kevin, “A Cost-Value Approach for Prioritizing Software Requirements.” IEEE Software, vol. 5, pp. 67-74, 1997.
  16. Y. Ito, H. Washizaki, M. Yoshizawa, E. B. Fernandez, “Systematic Mapping of Secirty Patterns Research”, 22nd Conference on Pattern Language of Programs Conference, 2015.
  17. R. Salvin, J. M. Lehker, J. Niu, “Managing Secuirty Requirements Patterns Using Feature Diagram Hierarchies”, Requirement Engineering Conference (RE), 2014 IEEE 22nd International, 2014.
  18. M. Riaz, L. Williams, “Secuirty Requirements Patterns: Understanding the Science Behind the Art of Pattern Writing”, Requirement Patterns (RePa), 2012 IEE Second International Workshop, 2012.
  19. A. I. Anton, “Goal Based Requirement Analysis”, 2013.


Requirement engineering; privacy and security requirement engineering; security goals