Adapting Secure Tropos for Security Risk Management during Early Phases of the Information Systems Development
Book chapter
Matulevicius, Raimundas, Mayer, Nicolas, Mouratidis, Haralambos, Dubois, Eric, Heymans, Patrick and Genon, Nicolas 2008. Adapting Secure Tropos for Security Risk Management during Early Phases of the Information Systems Development. in: Bellahsène, Zohra and Léonard, Michel (ed.) Advanced Information Systems Engineering: 20th International Conference, CAiSE 2008 Montpellier, France, June 18-20, 2008, Proceedings Springer.
Authors | Matulevicius, Raimundas, Mayer, Nicolas, Mouratidis, Haralambos, Dubois, Eric, Heymans, Patrick and Genon, Nicolas |
---|---|
Editors | Bellahsène, Zohra and Léonard, Michel |
Abstract | Security is a major target for today’s information systems (IS) designers. Security modelling languages exist to reason on security in the early phases of IS development, when the most crucial design decisions are made. Reasoning on security involves analysing risk, and effectively communicating risk-related information. However, we think that current languages can be improved in this respect. In this paper, we discuss this issue for Secure Tropos, the language supporting the eponymous agent-based IS development. We analyse it and suggest improvements in the light of an existing reference model for IS security risk management. This allows for checking Secure Tropos concepts and terminology against those of current risk management standards, thereby improving the conceptual appropriateness of the language. The paper follows a running example, called eSAP, located in the healthcare domain. |
Keywords | risk management; information system security |
Book title | Advanced Information Systems Engineering: 20th International Conference, CAiSE 2008 Montpellier, France, June 18-20, 2008, Proceedings |
Year | 2008 |
Publisher | Springer |
Publication dates | |
2008 | |
Publication process dates | |
Deposited | 18 Jan 2010 |
Series | Lecture Notes in Computer Science |
Event | 20th International Conference, CAiSE 2008 |
ISBN | 978-3-540-69533-2 |
978-3-540-69534-9 | |
ISSN | 0302-9743 |
Digital Object Identifier (DOI) | https://doi.org/10.1007/978-3-540-69534-9_40 |
Web address (URL) | http://hdl.handle.net/10552/493 |
Copyright information | © Springer-Verlag Berlin Heidelberg 2008 |
Additional information | Citation: |
Accepted author manuscript | License CC BY-ND |
https://repository.uel.ac.uk/item/865v4
Download files
129
total views258
total downloads2
views this month0
downloads this month