Aligning mal-activity diagrams and security risk management for security requirements definitions

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 7195 LNCS, Issue , 2012, Pages 132-139

  Chowdhury, Mohammad Jabed Morshed ^a,b   Matulevičius, Raimundas ^a   Sindre, Guttorm ^b   Karpati, Peter ^b  

^a UNIVERSITY OF TARTU   (Estonia)

^b NORWEGIAN UNIVERSITY OF SCIENCE AND TECHNOLOGY   (Norway)

Author keywords

Information system security risk management; Mal activity diagrams; Requirement engineering; Risk management

Indexed keywords

CONCEPTUAL FRAMEWORKS; DESIGN STAGE; DOMAIN MODEL; INFORMATION SYSTEM SECURITY; INFORMATION SYSTEMS SECURITY; LANGUAGE CONSTRUCTS; MAL-ACTIVITY DIAGRAMS; MODEL SECURITY; MODELLING LANGUAGE; REQUIREMENT ENGINEERING; SECURITY ENGINEERING; SECURITY REQUIREMENTS; SYSTEM DEVELOPMENT; SYSTEM DEVELOPMENT PROCESS; SYSTEM REQUIREMENTS;

COMPUTER SOFTWARE SELECTION AND EVALUATION; DESIGN; INFORMATION SYSTEMS; REQUIREMENTS ENGINEERING; RISK MANAGEMENT; SYSTEMS ANALYSIS;

INFORMATION MANAGEMENT;

EID: 84858311224     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-28714-5_11     Document Type: Conference Paper

References (6)

1. Chowdhury, M.J.M.: Modeling Security Risks at the System Design Stage: Alignment of Mal-activity Diagrams and SecureUML to the ISSRM Domain Model. Master Theses (2011), http://nordsecmob.tkk.fi/thesis.html
2. Dubois, E., Heymans, P., Mayer, N., Matulevičius, R.: A Systematic Approach to Define the Domain of Information System Security Risk Management. In: Nurcan, S., Salinesi, C., Souveyet, C., Ralytė, J. (eds.) International Perspectives on Information Systems Engineering, pp. 289-306. Springer, Heidelberg (2010)
3. Matulevičius, R., Mayer, N., Heymans, P.: Alignment of Misuse cases with Security Risk Management. In: 3rd International Conference on Availability, Reliability and Security, pp. 1397-1404. IEEE Computer Society, Washington (2008)
4. Matulevičius, R., Mayer, N., Mouratidis, H., Dubois, E., Heymans, P., Genon, N.: Adapting Secure Tropos for Security Risk Management in the Early Phases of Information Systems Development. In: Bellahsène, Z., Léonard, M. (eds.) CAiSE 2008. LNCS, vol. 5074, pp. 541-555. Springer, Heidelberg (2008)
5. Mayer, N.: Model Based Management of Information System Security Risk. Doctoral Thesis, University of Namur (2009)
6. Sindre, G.: Mal-Activity Diagrams for Capturing Attacks on Business Processes. In: Sawyer, P., Paech, B., Heymans, P. (eds.) REFSQ 2007. LNCS, vol. 4542, pp. 355-366. Springer, Heidelberg (2007)