A security engineering process based on patterns

Proceedings - International Workshop on Database and Expert Systems Applications, DEXA

Volumn , Issue , 2007, Pages 734-738

  Hatebur, Denis ^a,b   Heisel, Maritta ^b   Schmidt, Holger ^b  

^a ITESYS Institute for Technical Systems GmbH   (Germany)

^b UNIVERSITY OF DUISBURG ESSEN   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

ADMINISTRATIVE DATA PROCESSING; ARTIFICIAL INTELLIGENCE; DECISION SUPPORT SYSTEMS; EXPERT SYSTEMS; MANAGEMENT INFORMATION SYSTEMS; PROCESS ENGINEERING; SECURITY SYSTEMS; TECHNOLOGY;

PROBLEM FRAMES; SECURITY ENGINEERING; SECURITY PROBLEMS; STEP-BY-STEP;

DATABASE SYSTEMS;

EID: 42449136587     PISSN: 15294188     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/DEXA.2007.36     Document Type: Conference Paper

References (11)

1. E. Fernandez. A methodology for secure software design. In Proc. Int. Conference on Software Engineering Research and Practice, 2004.
2. S. Gürses, J. H. Jahnke, C. Obry, A. Onabajo, T. Santen, and M. Price. Eliciting confidentiality requirements in practice. In CASCON '05: Proceedings of the 2005 conference of the Centre for Advanced Studies on Collaborative research, pages 101-116. IBM Press, 2005.
3. C. B. Haley, J. D. Moffett, R. Laney, and B. Nuseibeh. A framework for security requirements engineering. In SESS '06: Proceedings of the 2006 international workshop on Software engineering for secure systems, pages 35-42, New York, NY, USA, 2006. ACM Press.
4. D. Hatebur, M. Heisel, and H. Schmidt. Security engineering using problem frames. In G. Müller, editor, Proceedings of the International Conference on Emerging Trends in Information and Communication Security (ETRICS), LNCS 3995, pages 238-253. Springer-Verlag, 2006.
5. D. Hatebur, M. Heisel, and H. Schmidt. A pattern system for security requirements engineering. In Proceedings of the International Conference on Availability, Reliability and Security (AReS), IEEE Transactions, pages 356-365. IEEE, 2007.
6. M. Jackson. Problem Frames. Analyzing and structuring software development problems. Addison-Wesley, 2001.
7. M. Jackson and P. Zave. Deriving specifications from requirements: an example. In Proceedings 17th Int. Conf. on Software Engineering, Seattle, USA, pages 15-24. ACM Press, 1995.
8. L. Lin, B. Nuseibeh, D. Ince, and M. Jackson. Using abuse frames to bound the scope of security problems. In Proceedings of 11th IEEE International Requirements Engineering-Conference (RE'04), pages 354-355, 2004.
9. G. Popp, J. Jürjens, G. Wimmel, and R. Breu. Security-critical system development with extended use cases. In APSEC, pages 478-487, 2003.
10. H. Schmidt and I. Wentzlaff. Preserving software quality characteristics from requirements analysis to architectural design. In Proceedings of the European Workshop on Software Architectures (EWSA), volume 4344/2006, pages 189-203. Springer Berlin / Heidelberg, 2006.
11. M. Schumacher, E. Fernandez-Buglioni, D. Hybertson, F. Buschmann, and P. Sommerlad. Security Patterns: Integrating Security and Systems Engineering. Wiley & Sons, 2005.