Utilizing security requirements engineering methods for operational security maintenance purposes

被引:0
|
作者
Abuosba, Khalil
El-Sheikh, Asim
Martin, Clemens
机构
来源
2008 CANADIAN CONFERENCE ON ELECTRICAL AND COMPUTER ENGINEERING, VOLS 1-4 | 2008年
关键词
security; fault; event; trees; maintenance;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Secure systems are achieved by implementing appropriate controls and policies specified based on appropriate selection of minimum security requirements. Maintaining security for these systems is a major challenge. Systems may encounter threats that may arise due to exploitation of vulnerabilities or due to programming flaws. In this work we address security requirements engineering approaches and focus primarily on methods that may be utilized for the purpose of investigating incidents. We have shown empirically that threats may be identified by using methods such as faults trees; and systematically that by using other methods such as events trees, incidents may be avoided or prevented.
引用
收藏
页码:1763 / 1767
页数:5
相关论文
共 50 条
  • [21] Identifying Security Requirements Body of Knowledge for the Security Systems Engineer
    von Solms, Sune
    Marnewick, Annlize
    INFORMATION SECURITY EDUCATION: EDUCATION IN PROACTIVE INFORMATION SECURITY, WISE 12, 2019, 557 : 59 - 71
  • [22] A Study of Security Requirements Negotiation
    Ye, Xinfeng
    2014 IEEE 12TH INTERNATIONAL CONFERENCE ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING (DASC)/2014 IEEE 12TH INTERNATIONAL CONFERENCE ON EMBEDDED COMPUTING (EMBEDDEDCOM)/2014 IEEE 12TH INTERNATIONAL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING (PICOM), 2014, : 51 - 56
  • [23] Security Requirements for Smart Toys
    de Carvalho, Luciano Goncalves
    Eler, Marcelo Medeiros
    ICEIS: PROCEEDINGS OF THE 19TH INTERNATIONAL CONFERENCE ON ENTERPRISE INFORMATION SYSTEMS - VOL 2, 2017, : 144 - 154
  • [24] SECURITY REQUIREMENTS FOR NETWORK MANAGEMENT
    SHIREY, RW
    COMPUTER STANDARDS & INTERFACES, 1995, 17 (04) : 321 - 331
  • [25] System Engineering Security
    Moradian, Esmiralda
    KNOWLEDGE-BASED AND INTELLIGENT INFORMATION AND ENGINEERING SYSTEMS, PT II, PROCEEDINGS, 2009, 5712 : 821 - 828
  • [26] A Case Study of Introducing Security Risk Assessment in Requirements Engineering in a Large Organization
    Ardi S.
    Sandahl K.
    Gustafsson M.
    SN Computer Science, 4 (5)
  • [27] Relating Security Requirements and Design Patterns Reducing Security Requirements implementation impacts with Design Patterns
    Ferraz, Felipe Silva
    Assad, Rodrigo Elia
    Lemos Meira, Silvio Romero
    2009 FOURTH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING ADVANCES (ICSEA 2009), 2009, : 9 - 14
  • [28] Enhancing Software Sustainability: Leveraging Large Language Models to Evaluate Security Requirements Fulfillment in Requirements Engineering
    Subahi, Ahmad F.
    SYSTEMS, 2025, 13 (02):
  • [29] Maintenance & Information Security Ontology
    Si Ahmed, Boualem
    Berrani, Meryem
    Fatima, Nibouche
    2017 4TH INTERNATIONAL CONFERENCE ON CONTROL, DECISION AND INFORMATION TECHNOLOGIES (CODIT), 2017, : 312 - 317
  • [30] Terahertz detection of substances for security related purposes
    Ung, B.
    Balakrishnan, J.
    Fischer, B.
    Ng, B. W. -H.
    Abbott, D.
    SMART STRUCTURES, DEVICES, AND SYSTEMS III, 2007, 6414
12345