Despite a growing awareness of security issues in networked computing systems, most development processes used today still do not take security aspects into account. To address th...
In CAiSE 2006, we had presented a framework to support development of secure information systems. The framework was based on the integration of two security-aware approaches, the S...
The paper proposes an assessment scheme for the security properties of software components. The proposed scheme consists of three stages: (i) a system-specific security requireme...
This paper presents a framework for security requirements elicitation and analysis. The framework is based on constructing a context for the system, representing security requireme...
Charles B. Haley, Robin C. Laney, Jonathan D. Moff...
This paper extends the work described in “An Approach to the Formalisation of a Certification Policy”, 7th International Symposium on System and Information Security (SSI 2005...