Nowadays Security plays an important role in the development of applications because of network expansion on one side and of the importance of information on the other side. However, security requirements have long been relegated to second place compared to the functional requirements which can cause some damage to the applications. One of the challenges of current research in the area of requirement engineering is to develop simple, expressive, reliable and costless methods for expressing and modelling security requirements. The purpose of this article is to review research studies related to approaches for eliciting and specifying security requirements in the context of software development process. It aims then to analyse and classify them into categories and to highlight their contribution to security requirements engineering field and their limits.