Utilizing security requirements engineering methods for operational security maintenance purposes

被引:0
|
作者
Abuosba, Khalil
El-Sheikh, Asim
Martin, Clemens
机构
来源
2008 CANADIAN CONFERENCE ON ELECTRICAL AND COMPUTER ENGINEERING, VOLS 1-4 | 2008年
关键词
security; fault; event; trees; maintenance;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Secure systems are achieved by implementing appropriate controls and policies specified based on appropriate selection of minimum security requirements. Maintaining security for these systems is a major challenge. Systems may encounter threats that may arise due to exploitation of vulnerabilities or due to programming flaws. In this work we address security requirements engineering approaches and focus primarily on methods that may be utilized for the purpose of investigating incidents. We have shown empirically that threats may be identified by using methods such as faults trees; and systematically that by using other methods such as events trees, incidents may be avoided or prevented.
引用
收藏
页码:1763 / 1767
页数:5
相关论文
共 50 条
  • [11] Position on Metrics for Security in Requirements Engineering
    Kundi, Mahwish
    Chitchyan, Ruzanna
    2014 IEEE 1ST INTERNATIONAL WORKSHOP ON REQUIREMENTS ENGINEERING AND TESTING (RET), 2014, : 29 - 31
  • [12] A pattern system for security requirements engineering
    Hatebur, Denis
    Heisel, Maritta
    Schmidt, Holger
    ARES 2007: SECOND INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, PROCEEDINGS, 2007, : 356 - +
  • [13] Visualising privacy and security for requirements engineering
    Kreeger, MN
    Duncan, I
    SERP'04: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH AND PRACTICE, VOLS 1 AND 2, 2004, : 813 - 819
  • [14] A Readiness Model for Security Requirements Engineering
    Mufti, Yusuf
    Niazi, Mahmood
    Alshayeb, Mohammad
    Mahmood, Sajjad
    IEEE ACCESS, 2018, 6 : 28611 - 28631
  • [15] A systematic review of security requirements engineering
    Mellado, Daniel
    Blanco, Carlos
    Sanchez, Luis E.
    Fernandez-Medina, Eduardo
    COMPUTER STANDARDS & INTERFACES, 2010, 32 (04) : 153 - 165
  • [16] Research on Security Requirements Engineering Process
    Wang, Hui
    Jia, Zongpu
    Shen, Zihao
    2009 IEEE 16TH INTERNATIONAL CONFERENCE ON INDUSTRIAL ENGINEERING AND ENGINEERING MANAGEMENT, VOLS 1 AND 2, PROCEEDINGS, 2009, : 1285 - 1288
  • [17] THE SECURITY ENGINEERING DESIGN PROCESS, AN EVALUATION PROCEDURE FOR PHYSICAL SECURITY REQUIREMENTS
    BETTS, CP
    STRUCTURES FOR ENHANCED SAFETY AND PHYSICAL SECURITY, 1989, : 61 - 72
  • [18] Approaches and methods of security engineering
    Kim, Tai-Hoon
    RECENT PROGRESS IN COMPUTATIONAL SCIENCES AND ENGINEERING, VOLS 7A AND 7B, 2006, 7A-B : 1308 - 1310
  • [19] Towards security requirements management for software product lines:: A security domain requirements engineering process
    Mellado, Daniel
    Fernandez-Medina, Eduardo
    Piattini, Mario
    COMPUTER STANDARDS & INTERFACES, 2008, 30 (06) : 361 - 371
  • [20] Operational security requirements for large collaborative compute infrastructures
    Khurana, Himanshu
    Basney, Jim
    Welch, Von
    Campbell, Roy
    2006 INTERNATIONAL CONFERENCE ON COLLABORATIVE COMPUTING: NETWORKING, APPLICATIONS AND WORKSHARING, 2006, : 374 - +
12345