Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems

Mouratidis, Haralambos and Giorgini, Paolo and Manson, Gordon (2003) ‘Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems’,

[img]
Preview
Text
Mouratidis, H et al (2003) LNCS 2681 63-78.pdf - Accepted Version
Available under License Creative Commons Attribution No Derivatives.

Download (277Kb) | Preview
Official URL: http://dx.doi.org/10.1007/3-540-45017-3_7

Abstract

Security is a crucial issue for information systems. Traditionally, security is considered after the definition of the system. However, this approach often leads to problems, which translate into security vulnerabilities. From the viewpoint of the traditional security paradigm, it should be possible to eliminate such problems through better integration of security and systems engineering. This paper argues for the need to develop a methodology that considers security as an integral part of the whole system development process. The paper contributes to the current state of the art by proposing an approach that considers security concerns as an integral part of the entire system development process and by relating this approach with existing work. The different stages of the approach are described with the aid of a case study; a health and social care information system.

Item Type: Conference or Event Item (Paper)
Additional Information: Citation: Mouratidis, H; Giorgini, P; Manson, G. (2003) ‘Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems. In: Eder, J. Missikoff, M. (Eds) CAiSE 2003, LNCS 2681, pp 63-78.
Divisions: Schools > Architecture Computing and Engineering, School of
Depositing User: Mr Stephen Grace
Date Deposited: 14 Jan 2010 16:30
Last Modified: 27 Sep 2012 11:59
URI: http://hdl.handle.net/10552/480

Actions (login required)

View Item View Item