Andere Kunden interessierten sich auch für
![The Information Security Maturity Model (ISMM)]( "The Information Security Maturity Model (ISMM)")
The Information Security Maturity Model (ISMM)38,99 €![Managing information security in organizations]( "Managing information security in organizations")
Managing information security in organizations32,99 €![Access Control Model with Role-Based Security Concept]( "Access Control Model with Role-Based Security Concept")
Access Control Model with Role-Based Security Concept38,99 €![Bluetooth Security in Industrial Networks]( "Bluetooth Security in Industrial Networks")
Bluetooth Security in Industrial Networks38,99 €![Security Enhancement Schemes for Wireless Networks]( "Security Enhancement Schemes for Wireless Networks")
Security Enhancement Schemes for Wireless Networks44,99 €![Economic Relevance of IT-Security]( "Economic Relevance of IT-Security")
Economic Relevance of IT-Security38,99 €![Enhancing the Security of Web Commerce Transactions]( "Enhancing the Security of Web Commerce Transactions")
Enhancing the Security of Web Commerce Transactions44,99 €
This book presents a framework for security
requirements elicitation and analysis. The framework
is based on constructing a context for the system,
representing security requirements as constraints,
and developing satisfaction arguments for the
security requirements. The system context is
described using a problem-oriented notation, then is
validated against the security requirements through
construction of a satisfaction argument. The
satisfaction argument consists of two parts: a formal
argument that the system can meet its security
requirements, and a structured informal argument
challenging the assumptions in the formal argument.
The construction of the satisfaction argument may
fail, revealing either that the security requirement
cannot be satisfied in the context, or that the
context does not contain sufficient information to
develop the argument. In this case, designers and
architects are asked to provide additional design
information to resolve the problems. The framework is
evaluated by applying it to an analysis of security
requirements within an air traffic control technology
evaluation project.
requirements elicitation and analysis. The framework
is based on constructing a context for the system,
representing security requirements as constraints,
and developing satisfaction arguments for the
security requirements. The system context is
described using a problem-oriented notation, then is
validated against the security requirements through
construction of a satisfaction argument. The
satisfaction argument consists of two parts: a formal
argument that the system can meet its security
requirements, and a structured informal argument
challenging the assumptions in the formal argument.
The construction of the satisfaction argument may
fail, revealing either that the security requirement
cannot be satisfied in the context, or that the
context does not contain sufficient information to
develop the argument. In this case, designers and
architects are asked to provide additional design
information to resolve the problems. The framework is
evaluated by applying it to an analysis of security
requirements within an air traffic control technology
evaluation project.