Utilizing security requirements engineering methods for operational security maintenance purposes

被引:0
|
作者
Abuosba, Khalil
El-Sheikh, Asim
Martin, Clemens
机构
来源
2008 CANADIAN CONFERENCE ON ELECTRICAL AND COMPUTER ENGINEERING, VOLS 1-4 | 2008年
关键词
security; fault; event; trees; maintenance;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Secure systems are achieved by implementing appropriate controls and policies specified based on appropriate selection of minimum security requirements. Maintaining security for these systems is a major challenge. Systems may encounter threats that may arise due to exploitation of vulnerabilities or due to programming flaws. In this work we address security requirements engineering approaches and focus primarily on methods that may be utilized for the purpose of investigating incidents. We have shown empirically that threats may be identified by using methods such as faults trees; and systematically that by using other methods such as events trees, incidents may be avoided or prevented.
引用
收藏
页码:1763 / 1767
页数:5
相关论文
共 50 条
  • [1] Requirements engineering for improving business/IT alignment in security risk management methods
    Mayer, N.
    Dubois, E.
    Rifaut, A.
    ENTERPRISE INTEROPERABILITY II: NEW CHALLENGES AND APPROACHES, 2007, : 15 - 26
  • [2] Visualising privacy and security for requirements engineering
    Kreeger, MN
    Duncan, I
    SERP'04: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH AND PRACTICE, VOLS 1 AND 2, 2004, : 813 - 819
  • [3] A systematic review of security requirements engineering
    Mellado, Daniel
    Blanco, Carlos
    Sanchez, Luis E.
    Fernandez-Medina, Eduardo
    COMPUTER STANDARDS & INTERFACES, 2010, 32 (04) : 153 - 165
  • [4] An approach to security requirements engineering for a high assurance system
    Irvine C.E.
    Levin T.
    Wilson J.D.
    Shifflett D.
    Pereira B.
    Requirements Engineering, 2002, 7 (4) : 192 - 206
  • [5] A Systematic Mapping Study on Security in Agile Requirements Engineering
    Villamizar, Hugo
    Kalinowski, Marcos
    Viana, Marx
    Fernandez, Daniel Mendez
    44TH EUROMICRO CONFERENCE ON SOFTWARE ENGINEERING AND ADVANCED APPLICATIONS (SEAA 2018), 2018, : 454 - 461
  • [6] Security & Safety by Model-based Requirements Engineering
    Japs, Sergej
    2020 28TH IEEE INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE (RE'20), 2020, : 422 - 427
  • [7] Security Requirements Management in Software Product Line Engineering
    Mellado, Daniel
    Fernandez-Medina, Eduardo
    Piattini, Mario
    E-BUSINESS AND TELECOMMUNICATIONS, 2009, 48 : 250 - +
  • [8] Security requirements engineering; State of the art and research challenges
    Hadavi, M. A.
    Hamishagi, V. S.
    Sangchi, H. M.
    IMECS 2008: INTERNATIONAL MULTICONFERENCE OF ENGINEERS AND COMPUTER SCIENTISTS, VOLS I AND II, 2008, : 985 - 990
  • [9] A Security Ontology for Security Requirements Elicitation
    Souag, Amina
    Salinesi, Camille
    Mazo, Raul
    Comyn-Wattiau, Isabelle
    ENGINEERING SECURE SOFTWARE AND SYSTEMS (ESSOS 2015), 2015, 8978 : 157 - 175
  • [10] Security Requirements Engineering: A Framework for Cyber-Physical Systems
    Rehman, Shafiq Ur
    Allgaier, Christopher
    Gruhn, Volker
    2018 INTERNATIONAL CONFERENCE ON FRONTIERS OF INFORMATION TECHNOLOGY (FIT 2018), 2018, : 315 - 320
12345