Utilizing security requirements engineering methods for operational security maintenance purposes

被引:0
|
作者
Abuosba, Khalil
El-Sheikh, Asim
Martin, Clemens
机构
来源
2008 CANADIAN CONFERENCE ON ELECTRICAL AND COMPUTER ENGINEERING, VOLS 1-4 | 2008年
关键词
security; fault; event; trees; maintenance;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Secure systems are achieved by implementing appropriate controls and policies specified based on appropriate selection of minimum security requirements. Maintaining security for these systems is a major challenge. Systems may encounter threats that may arise due to exploitation of vulnerabilities or due to programming flaws. In this work we address security requirements engineering approaches and focus primarily on methods that may be utilized for the purpose of investigating incidents. We have shown empirically that threats may be identified by using methods such as faults trees; and systematically that by using other methods such as events trees, incidents may be avoided or prevented.
引用
收藏
页码:1763 / 1767
页数:5
相关论文
共 50 条
  • [11] Conflicts Between Security and Privacy Measures in Software Requirements Engineering
    Ganji, Daniel
    Mouratidis, Haralambos
    Gheytassi, Saeed Malekshahi
    Petridis, Miltos
    GLOBAL SECURITY, SAFETY AND SUSTAINABILITY: TOMORROW'S CHALLENGES OF CYBER SECURITY, ICGS3 2015, 2015, 534 : 323 - 334
  • [12] Security and Privacy Requirements Engineering Revisited in the Big Data Era
    Liu, Lin
    2016 IEEE 24TH INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE WORKSHOPS (REW), 2016, : 55 - 55
  • [13] Automated Support for Security Requirements Engineering in Software Product Line Domain Engineering
    Mellado, Daniel
    Rodriguez, Jesus
    Fernandez-Medina, Eduardo
    Piattini, Mario
    2009 INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY (ARES), VOLS 1 AND 2, 2009, : 224 - +
  • [14] Using Security Requirements Engineering Approaches to Support ISO 27001 Information Security Management Systems Development and Documentation
    Beckers, Kristian
    Fassbender, Stephan
    Heisel, Maritta
    Schmidt, Holger
    2012 SEVENTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY (ARES), 2012, : 242 - 248
  • [15] Supporting the Development and Documentation of ISO 27001 Information Security Management Systems through Security Requirements Engineering Approaches
    Beckers, Kristian
    Fassbender, Stephan
    Heisel, Maritta
    Kuester, Jan-Christoph
    Schmidt, Holger
    ENGINEERING SECURE SOFTWARE AND SYSTEMS, 2012, 7159 : 14 - +
  • [16] Using Security and Domain ontologies for Security Requirements Analysis
    Souag, Amina
    Salinesi, Camille
    Wattiau, Isabelle
    Mouratidis, Haris
    2013 IEEE 37TH ANNUAL COMPUTER SOFTWARE AND APPLICATIONS CONFERENCE WORKSHOPS (COMPSACW), 2013, : 101 - 107
  • [17] SECURITY IN VALUE ADDED NETWORKS - SECURITY REQUIREMENTS FOR EDI
    JERMANBLAZIC, B
    COMPUTER STANDARDS & INTERFACES, 1991, 12 (01) : 23 - 33
  • [18] A concept for engineering smart grid security requirements based on SGAM models
    Neureiter, Christian
    Eibl, Guenther
    Engel, Dominik
    Schlegel, Stefanie
    Uslar, Mathias
    COMPUTER SCIENCE-RESEARCH AND DEVELOPMENT, 2016, 31 (1-2): : 65 - 71
  • [19] Supporting Security Requirements Engineering Through the Devolpmemt of the secure devolopmemt Ontology
    Steinmann, Jessica
    Ochoa, Omar
    16TH IEEE INTERNATIONAL CONFERENCE ON SEMANTIC COMPUTING (ICSC 2022), 2022, : 151 - 158
  • [20] The security system for maintenance of the required information security level
    Kiedrowicz, Maciej
    Stanik, Jerzy
    22ND INTERNATIONAL CONFERENCE ON CIRCUITS, SYSTEMS, COMMUNICATIONS AND COMPUTERS (CSCC 2018), 2018, 210
12345