Sciweavers

CAISE
2009
Springer

Secure Information Systems Engineering: Experiences and Lessons Learned from Two Health Care Projects

13 years 10 months ago
Secure Information Systems Engineering: Experiences and Lessons Learned from Two Health Care Projects
In CAiSE 2006, we had presented a framework to support development of secure information systems. The framework was based on the integration of two security-aware approaches, the Secure Tropos methodology, which provides an approach for security requirements elicitation, and the UMLsec approach, which allows one to include the security requirements into design models and offers tools for security analysis. In this paper we reflect on the usage of this framework and we report our experiences of applying it to two different industrial case studies from the health care domain. However, due to lack of space we only describe in this paper one of the case studies. Our findings demonstrate that the support of the framework for the consideration of security issues from the early stages and throughout the development process can result in a substantial improvement in the security of the analysed systems.
Haralambos Mouratidis, Ali Sunyaev, Jan Jürje
Added 26 May 2010
Updated 26 May 2010
Type Conference
Year 2009
Where CAISE
Authors Haralambos Mouratidis, Ali Sunyaev, Jan Jürjens
Comments (0)