Utilizing security requirements engineering methods for operational security maintenance purposes

被引:0
|
作者
Abuosba, Khalil
El-Sheikh, Asim
Martin, Clemens
机构
来源
2008 CANADIAN CONFERENCE ON ELECTRICAL AND COMPUTER ENGINEERING, VOLS 1-4 | 2008年
关键词
security; fault; event; trees; maintenance;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Secure systems are achieved by implementing appropriate controls and policies specified based on appropriate selection of minimum security requirements. Maintaining security for these systems is a major challenge. Systems may encounter threats that may arise due to exploitation of vulnerabilities or due to programming flaws. In this work we address security requirements engineering approaches and focus primarily on methods that may be utilized for the purpose of investigating incidents. We have shown empirically that threats may be identified by using methods such as faults trees; and systematically that by using other methods such as events trees, incidents may be avoided or prevented.
引用
收藏
页码:1763 / 1767
页数:5
相关论文
共 50 条
  • [21] A Review of Security Requirements Engineering Methods with Respect to Risk Analysis and Model-Driven Engineering
    Munante, Denisse
    Chiprianov, Vanea
    Gallon, Laurent
    Aniorte, Philippe
    AVAILABILITY, RELIABILITY, AND SECURITY IN INFORMATION SYSTEMS, 2014, 8708 : 79 - 93
  • [22] Electronic voting systems security requirements engineering
    Daimi, K
    Wilson, C
    SERP '05: PROCEEDINGS OF THE 2005 INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH AND PRACTICE, VOLS 1 AND 2, 2005, : 230 - 235
  • [23] Enhancing security requirements engineering by organizational learning
    Kurt Schneider
    Eric Knauss
    Siv Houmb
    Shareeful Islam
    Jan Jürjens
    Requirements Engineering, 2012, 17 : 35 - 56
  • [24] Experimental Evaluation of Security Requirements Engineering Benefits
    Boutahar, Jaouad
    Maskani, Ilham
    El Ghazi El Houssaini, Souhail
    INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2018, 9 (11) : 411 - 415
  • [25] Security requirements engineering: A framework for representation and analysis
    Haley, Charles B.
    Laney, Robin
    Moffett, Jonathan D.
    Nuseibeh, Bashar
    IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2008, 34 (01) : 133 - 153
  • [26] Framework for Engineering Complex Security Requirements Patterns
    Mazo, Raul
    Feltus, Christophe
    2016 6TH INTERNATIONAL CONFERENCE ON IT CONVERGENCE AND SECURITY (ICITCS 2016), 2016, : 250 - 254
  • [27] Software Security Requirements Engineering: State of the Art
    Ramachandran, Muthu
    GLOBAL SECURITY, SAFETY AND SUSTAINABILITY: TOMORROW'S CHALLENGES OF CYBER SECURITY, ICGS3 2015, 2015, 534 : 313 - 322
  • [28] Security Requirements Engineering From TARA to PenTest
    Ebert, Christof
    2019 27TH IEEE INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE (RE 2019), 2019, : 500 - 501
  • [29] Security Requirements Engineering for Secure Business Processes
    Paja, Elda
    Giorgini, Paolo
    Paul, Stephane
    Meland, Per Hakon
    WORKSHOPS ON BUSINESS INFORMATICS RESEARCH, 2012, 106 : 77 - +
  • [30] A Review on Tool Supports for Security Requirements Engineering
    Yahya, Syazwani
    Kamalrudin, Massila
    Sidek, Safiah
    2013 IEEE CONFERENCE ON OPEN SYSTEMS (ICOS), 2013, : 190 - +
12345