Towards a Security Engineering Process

Christine Artelsmair; Roland Wagner

Towards a Security Engineering Process

Christine Artelsmair, Roland Wagner

Institute for Application-oriented Knowledge Processing

Research output: Chapter in Book/Report/Conference proceeding › Conference proceedings › peer-review

Abstract

It is very difficult to make IT-systems secure as there are many different components and mechanisms involved such as operating systems, computer networks, and software engineering. Without a systematic methodology, security requirements are often retrofitted late in the design process or pursued separately from functional design. To fill this gap, we are currently working on a security engineering process which extends the software development process presented in [12]. The security engineering process will provide a rich set of expressive guidelines and functions, enforcing the integration of security aspects in early stages of the software development process. The basic building blocks of the process are high-level security requirements and mechanisms, which can be summarized in a so-called requirements/mechanisms matrix. The approach will be based on UML (Unified Modeling Language) which is a general-purpose, nonproprietary modeling language. UML includes all the concepts that are necessary to support a modern iterative software development process. Keywords: Security, Conceptual Security Modeling, Software Engineering.

Original language	English
Title of host publication	The 7th World Multiconference on Systemics, Cybernetics and Informatics
Editors	Nagib Callaos, William Lesso, Belkis Sánchez, Elizabeth Hansen
Publisher	IIIS International Institute of Informatics and Systemics
Pages	22-27
Number of pages	6
Volume	VI
ISBN (Print)	980-6560-01-9
Publication status	Published - Jul 2003

Fields of science

102001 Artificial intelligence
102006 Computer supported cooperative work (CSCW)
102010 Database systems
102014 Information design
102015 Information systems
102016 IT security
102028 Knowledge engineering
102019 Machine learning
102022 Software development
102025 Distributed systems
502007 E-commerce
505002 Data protection
506002 E-government
509018 Knowledge management
202007 Computer integrated manufacturing (CIM)
102033 Data mining
102035 Data science

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Cite this

@inproceedings{813a4a5e19644b999d9c2fc26b2d5835,

title = "Towards a Security Engineering Process",

abstract = "It is very difficult to make IT-systems secure as there are many different components and mechanisms involved such as operating systems, computer networks, and software engineering. Without a systematic methodology, security requirements are often retrofitted late in the design process or pursued separately from functional design. To fill this gap, we are currently working on a security engineering process which extends the software development process presented in [12]. The security engineering process will provide a rich set of expressive guidelines and functions, enforcing the integration of security aspects in early stages of the software development process. The basic building blocks of the process are high-level security requirements and mechanisms, which can be summarized in a so-called requirements/mechanisms matrix. The approach will be based on UML (Unified Modeling Language) which is a general-purpose, nonproprietary modeling language. UML includes all the concepts that are necessary to support a modern iterative software development process. Keywords: Security, Conceptual Security Modeling, Software Engineering.",

author = "Christine Artelsmair and Roland Wagner",

year = "2003",

month = jul,

language = "English",

isbn = "980-6560-01-9",

volume = "VI",

pages = "22--27",

editor = "\{Nagib Callaos, William Lesso, Belkis S{\'a}nchez, Elizabeth Hansen\}",

booktitle = "The 7th World Multiconference on Systemics, Cybernetics and Informatics",

publisher = "IIIS International Institute of Informatics and Systemics",

}

Towards a Security Engineering Process. / Artelsmair, Christine; Wagner, Roland.
The 7th World Multiconference on Systemics, Cybernetics and Informatics. ed. / Nagib Callaos, William Lesso, Belkis Sánchez, Elizabeth Hansen. Vol. VI IIIS International Institute of Informatics and Systemics, 2003. p. 22-27.

Research output: Chapter in Book/Report/Conference proceeding › Conference proceedings › peer-review

TY - GEN

T1 - Towards a Security Engineering Process

AU - Artelsmair, Christine

AU - Wagner, Roland

PY - 2003/7

Y1 - 2003/7

N2 - It is very difficult to make IT-systems secure as there are many different components and mechanisms involved such as operating systems, computer networks, and software engineering. Without a systematic methodology, security requirements are often retrofitted late in the design process or pursued separately from functional design. To fill this gap, we are currently working on a security engineering process which extends the software development process presented in [12]. The security engineering process will provide a rich set of expressive guidelines and functions, enforcing the integration of security aspects in early stages of the software development process. The basic building blocks of the process are high-level security requirements and mechanisms, which can be summarized in a so-called requirements/mechanisms matrix. The approach will be based on UML (Unified Modeling Language) which is a general-purpose, nonproprietary modeling language. UML includes all the concepts that are necessary to support a modern iterative software development process. Keywords: Security, Conceptual Security Modeling, Software Engineering.

AB - It is very difficult to make IT-systems secure as there are many different components and mechanisms involved such as operating systems, computer networks, and software engineering. Without a systematic methodology, security requirements are often retrofitted late in the design process or pursued separately from functional design. To fill this gap, we are currently working on a security engineering process which extends the software development process presented in [12]. The security engineering process will provide a rich set of expressive guidelines and functions, enforcing the integration of security aspects in early stages of the software development process. The basic building blocks of the process are high-level security requirements and mechanisms, which can be summarized in a so-called requirements/mechanisms matrix. The approach will be based on UML (Unified Modeling Language) which is a general-purpose, nonproprietary modeling language. UML includes all the concepts that are necessary to support a modern iterative software development process. Keywords: Security, Conceptual Security Modeling, Software Engineering.

UR - http://www.faw.uni-linz.ac.at/FAW_WWW/online/papers/2003sci/carrw_sci03.pdf

M3 - Conference proceedings

SN - 980-6560-01-9

VL - VI

SP - 22

EP - 27

BT - The 7th World Multiconference on Systemics, Cybernetics and Informatics

A2 - Nagib Callaos, William Lesso, Belkis Sánchez, Elizabeth Hansen, null

PB - IIIS International Institute of Informatics and Systemics

ER -

Towards a Security Engineering Process

Abstract

Fields of science

UN SDGs

Other files and links

Cite this