Security engineering: IT is all about control and assurance objectives

Enterprise Information Systems Assurance and System Security: Managerial and Technical Issues

Volumn , Issue , 2006, Pages 168-181

  Henning, Ronda R ^a  

^a Harris Corporation   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 84898245139     PISSN: None     EISSN: None     Source Type: Book    
DOI: 10.4018/978-1-59140-911-3.ch011     Document Type: Chapter

References (16)

1. Calabrese, T. (2004). Information security intelligence: Cryptographic principles and applications. Clifton Park, NY: Delmar Learning/Thomson Learning, Inc.
2. CMMI Author Team. (2002). Capability maturity model integration, Version 1.1. CMMI for systems engineering, software engineering, integrated product and process development, and supplier sourcing (CMMI-SE/SW/IPPD/SS, V1.1), Staged Representation (No. CMU/SEI-2002-TR-012, ESC-TR-2002-012). Pittsburgh, PA: Carnegie Mellon University.
3. Goldenson, D.R., & Gibson, D. L. (2003). Demonstrating the impact and benefits of the CMMI (No. CMU/SEI-2003-SR-009). Pittsburgh, PA: Software Engineering Institute.
4. Haley, C. B., Laney, R. C., & Nuseibeh, B. (2004, March). Deriving security requirements from a crosscutting threat descriptions. Paper presented at the Third International Conference on Aspect-Oriented Software Development '04, Lancaster, UK.
5. Henning, R. (1999, November 29-December 2). Information assurance: The forgotten requirement in modeling and simulation systems. In Proceedings of Interservice/Industry Training, Simulation, and Education Conference (IITSEC) (pp. 298-305). Orlando, FL: IITSEC.
6. International Standards Organization/International Electrical Commission (ISO/IEC). (1998). ISO/IEC 15408, COMMON CRITERIA FOR INFORMATION TECHNOL-OGY SECURITY EVALUATION. Washington, DC: U.S. Government Printing Office.
7. International Standards Organization/International Electrical Commission (ISO/IEC). (2000, March 1). ISO/IEC 17799 Code of practice for information security management. Retrieved May 30, 2005, from http://www.iso.ch/iso/en/ISOOnline.openerpage
8. International Standards Organization/International Electrical Commission (ISO/IEC). (2002). ISO/IEC 21827: 2002-10-01(e) Information technology - Systems security engineering capability maturity model (SSE-CMM). Washington, DC: International System Security Engineering Association.
9. Koch, M., & Parisi-Presicce, F. (2003, October 30). Formal access control analysis in the software development process. Paper presented at the ACM Conference on Formal Methods in Software Engineering '03, Washington, DC.
10. Kotonya, G., & Sommerville, I. (1998). Requirements engineering: Processes and techniques. West Sussex, UK: John Wiley & Sons.
11. National Institute of Standards and Technology (NIST). (2002, November). International Standard ISO/IEC 17799:2000 Code of practice for information security management: Frequently asked questions. Retrieved May 29, 2005, from www.nist.gov.csrc
12. th ed.). New York: McGraw-Hill Company.
13. Sommerville (2001). Software engineering. Essex, UK: Pearson Education Ltd./Addison Wesley Publishers.
14. Syntegra (1998). Common criteria version 2.0 - An introduction. London.
15. th Annual Canadian Information Technology Security Symposium (pp. 150-158). Ottawa, Canada: Department of Defence.
16. th ed.). New York: McGraw-Hill/Irwin Inc.