Requirement centric security evaluation of software intensive systems

被引:3
|
作者
Savola, Reijo [1 ]
机构
[1] VTT Tech Res Ctr Finland, Espoo, Finland
来源
DepCoS - RELCOMEX '07: International Conference on Dependability of Computer Systems, Proceedings | 2007年
关键词
D O I
10.1109/DEPCOS-RELCOMEX.2007.41
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Information security demands are increasing in nowadays complex and networked information technology environment. Systematic development of the information security requirements of practical software-intensive systems is typically ignored, at an inadequate level or relies heavily on the experience of the security professionals. However, it is obvious that security requirements should be the paid attention in all phases of security engineering. We introduce a preliminary framework for security evaluation based on security requirement definition, behavior modeling and evidence collection.
引用
收藏
页码:135 / 142
页数:8
相关论文
共 50 条
  • [1] A requirement centric framework for information security evaluation
    Savola, Reijo
    ADVANCES IN INFORMATION AND COMPUTER SECURITY, PROCEEDINGS, 2006, 4266 : 48 - 59
  • [2] A Security Metrics Development Method for Software Intensive Systems
    Savola, Reijo M.
    ADVANCES IN INFORMATION SECURITY AND ITS APPLICATION, 2009, 36 : 11 - 16
  • [3] Security in Software Engineering Requirement
    Al-Shorafat, Wafa Slaibi
    2013 8TH INTERNATIONAL CONFERENCE FOR INTERNET TECHNOLOGY AND SECURED TRANSACTIONS (ICITST), 2013, : 666 - 673
  • [4] Engineering safety and security related requirements for software intensive systems
    Firesmith, Donald G.
    29th International Conference on Software Engineering: ICSE 2007 Companion Volume, Proceedings, 2007, : 169 - 169
  • [5] On the Feasibility of Utilizing Security Metrics in Software-Intensive Systems
    Savola, Reijo
    INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2010, 10 (01): : 230 - 239
  • [6] A Security Metrics Taxonomization Model for Software-Intensive Systems
    Savola, Reijo M.
    JOURNAL OF INFORMATION PROCESSING SYSTEMS, 2009, 5 (04): : 197 - 206
  • [7] An Analysis for Understanding Software Security Requirement Methodologies
    Du, Jing
    Yang, Ye
    Wang, Qing
    2009 THIRD IEEE INTERNATIONAL CONFERENCE ON SECURE SOFTWARE INTEGRATION AND RELIABILITY IMPROVEMENT, PROCEEDINGS, 2009, : 141 - 149
  • [8] Security Countermeasure Selection for Component-Based Software-Intensive Systems
    Skandylas, Charilaos
    Khakpour, Narges
    Camara, Javier
    2022 IEEE 22ND INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY, QRS, 2022, : 63 - 72
  • [9] Security centric systems for information technology
    Tezuka, Satoru
    Mitsunaga, Satoshi
    Nakagami, Shoichi
    Kitajima, Hiroyuki
    Hitachi Review, 1999, 48 (04): : 187 - 191
  • [10] Requirement Analysis for Abstracting Security in Software Defined Network
    Nehra, Ajay
    Tripathi, Meenakshi
    Gaur, M. S.
    2017 8TH INTERNATIONAL CONFERENCE ON COMPUTING, COMMUNICATION AND NETWORKING TECHNOLOGIES (ICCCNT), 2017,
12345