مرکز منطقه ای اطلاع رساني علوم و فناوري - Threat- and Risk-Analysis During Early Security Requirements Engineering

DocumentCode :

1958994

Title :

Threat- and Risk-Analysis During Early Security Requirements Engineering

Author :

Schmidt, Holger

Author_Institution :

Dept. of Comput. Sci. & Appl. Cognitive Sci., Univ. Duisburg-Essen, Duisburg, Germany

fYear :

2010

fDate :

15-18 Feb. 2010

Firstpage :

188

Lastpage :

195

Abstract :

We present a threat and risk-driven methodology to security requirements engineering. Our approach has a strong focus on gathering, modeling, and analyzing the environment in which a secure ICT-system to be built is located. The knowledge about the environment comprises threat and risk models. This security-relevant knowledge is used to assess the adequacy of security mechanisms, which are selected to establish security requirements.

Keywords :

knowledge engineering; risk analysis; security of data; software engineering; early security requirements engineering; risk analysis; secure ICT-system; security-relevant knowledge; threat analysis; Availability; Cognitive science; Computer science; Computer security; Cryptography; Data security; Programming; Reliability engineering; Risk analysis; Strontium; domain knowledge; risk analysis; security requirements engineering; threat analysis;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Availability, Reliability, and Security, 2010. ARES '10 International Conference on

Conference_Location :

Krakow

Print_ISBN :

978-1-4244-5879-0

Type :

conf

DOI :

10.1109/ARES.2010.14

Filename :

5438095

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=1958994