Title :
Requirement Centric Security Evaluation of Software Intensive Systems
Author_Institution :
VTT Tech. Res. Centre of Finland, Espoo
Abstract :
Information security demands are increasing in nowadays complex and networked information technology environment. Systematic development of the information security requirements of practical software-intensive systems is typically ignored, at an inadequate level or relies heavily on the experience of the security professionals. However, it is obvious that security requirements should be the paid attention in all phases of security engineering. We introduce a preliminary framework for security evaluation based on security requirement definition, behavior modeling and evidence collection.
Keywords :
information technology; security of data; centric security evaluation; evidence collection; information security demands; information technology environment; software intensive systems; software-intensive systems; Computer security; IEC standards; ISO standards; Information security; Information technology; Maintenance engineering; Reliability engineering; Software engineering; Software systems; Testing;
Conference_Titel :
Dependability of Computer Systems, 2007. DepCoS-RELCOMEX '07. 2nd International Conference on
Conference_Location :
Szklarska
Print_ISBN :
0-7695-2850-3
DOI :
10.1109/DEPCOS-RELCOMEX.2007.41
