@article{943,
  author = {A. Meligy, H. Diab, M. Torky},
  title = {Security Requirements Engineering Using Outsourcing},
  journal = {Journal of Information Security Research},
  year = {2012},
  volume = {3},
  number = {3},
  doi = {},
  url = {http://www.dline.info/jisr/fulltext/v3n3/1.pdf},
  abstract = {Now days several organizations started to build their security system during SDLC depending on an Outsourcing companies. The purpose of this study is to show how the outsourcer represented in Managed Security Service Provider (MSSP) can define and specify security requirements during software requirement engineering process. This paper introduced a new model that aims to define and specify security requirements during software requirement engineering using MSSP who can be considered as a new security member of the development team. Our new model added major security activities which should be performed via MSSP during software requirement engineering process. We analyzed our new model using CMMI and estimated it using COCOMO II-Early Design Model. We concluded that, using our new model will increase the security of customer's software system from the beginning of SDLC, and involving MSSP in the process will save security effort,Cost and Time.},
}