Security Attack Testing (SAT)—testing the security of information systems at design time
Article
Mouratidis, Haralambos and Giorgini, Paolo 2007. Security Attack Testing (SAT)—testing the security of information systems at design time. Information Systems. 32 (8), pp. 1166-1183.
Authors | Mouratidis, Haralambos and Giorgini, Paolo |
---|---|
Abstract | For the last few years a considerable number of efforts have been devoted into integrating security issues into information systems development practices. This has led to a number of languages, methods, methodologies and techniques for considering security issues during the developmental stages of an information system. However, these approaches mainly focus on security requirements elicitation, analysis and design issues and neglect testing. This paper presents the Security Attack Testing (SAT) approach, a novel scenario-based approach that tests the security of an information system at the design time. The approach is illustrated with the aid of a real-life case study involving the development of a health and social care information system. |
Keywords | Information systems development methodology; Integrating security; software engineering; Scenarios; Information system security testing |
Journal | Information Systems |
Journal citation | 32 (8), pp. 1166-1183 |
ISSN | 0306-4379 |
Year | 2007 |
Accepted author manuscript | License CC BY-ND |
Web address (URL) | http://dx.doi.org/10.1016/j.is.2007.03.002 |
http://hdl.handle.net/10552/410 | |
Publication dates | |
Dec 2007 | |
Publication process dates | |
Deposited | 02 Dec 2009 |
Additional information | Citation: |
https://repository.uel.ac.uk/item/865y6
Download files
103
total views332
total downloads1
views this month3
downloads this month