Mouratidis, Haralambos and Giorgini, Paolo and Manson, Gordon (2005) ‘When Security meets Software Engineering: A case of modelling secure information systems’, Information Systems, 30(8), pp. 609-629.
Use this permanent URL when citing or linking to this resource in ROAR.
Although security is a crucial issue for information systems, traditionally, it is considered after the definition of the system. This approach often leads to problems, which most of the times translate into security vulnerabilities. From the viewpoint of the traditional security paradigm, it should be possible to eliminate such problems through better integration of security and software engineering. This paper firstly argues for the need to develop a methodology that considers security as an integral part of the whole system development process, and secondly it contributes to the current state of the art by proposing an approach that considers security concerns as an integral part of the entire system development process and by relating this approach with existing work. The different stages of the approach are described with the aid of a real-life case study; a health and social care information system.
|Divisions:||Schools > Architecture Computing and Engineering, School of|
|Additional Information:||Citation: Mouratidis, H., Giorgini, P., Manson, G. (2005) ‘When Security meets Software Engineering: A case of modelling secure information systems’ Information Systems 30 (8) 609-629.|
|Date Deposited:||02 Dec 2009 13:32|
|Creators:||Mouratidis, Haralambos and Giorgini, Paolo and Manson, Gordon|
|Last Modified:||27 Sep 2012 11:59|
|Depositing User:||Stephen Grace|