"Security requirements for new eCommerce and Internet applications exceed the traditional requirements for network security and traditional software systems. Security requirements are more complex and increasingly critical. Informally stated and defacto requirements are often of critical importance in the design and operation of these systems, but are frequently not taken into account. The second symposium on requirements engineering for information security invites papers on a diversity of topics, particularly ones that point out new directions. Theoretical, experimental, and experience papers are all welcome." |