Towards a comprehensive framework for secure systems development
Mouratidis, Haralambos, Jurjens, Jan and Fox, Jorge 2006. Towards a comprehensive framework for secure systems development. in: Dubois, E; Pohl, K (ed.) CAiSE 2006 LNCS 4001 pp.
|Authors||Mouratidis, Haralambos, Jurjens, Jan and Fox, Jorge|
|Editors||Dubois, E; Pohl, K|
Security involves technical as well as social challenges. In the development of security-critical applications, system developers must consider both the technical and the social parts. To achieve this, security issues must be considered during the whole development life-cycle of an information system. This paper presents an approach that allows developers to consider both the social and the technical dimensions of security through a structured and well defined process. In particular, the proposed approach takes the high-level concepts and modelling activities of the secure Tropos methodology and enriches them with a low level security-engineering ontology and models derived from the UMLsec approach. A real case study from the e-commerce sector is employed to demonstrate the applicability of the approach.
|Keywords||Software systems development; security engineering|
|Book title||CAiSE 2006|
|Publisher||LNCS 4001 pp|
|Publication process dates|
|Deposited||18 Jan 2010|
|Web address (URL)||http://dx.doi.org/10.1007/11767138_5|
|Accepted author manuscript|
1views this month
3downloads this month