A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Filters
Domain Specific Simulation Language For IT Risk Assessment
2011
ECMS 2011 Proceedings edited by: T. Burczynski, J. Kolodziej, A. Byrski, M. Carvalho
Preserved Fulltext
Information technology systems represent the backbone of a company's operational infrastructure. ...
As a novelty for UML modelling, especially for simulation purposes, the presented DSL is enriched by a set of stochastic attributes of modelled activities. ...
The CORAS language is a graphical modelling language for communication, documentation and analysis of security threat and risk scenarios in security risk analyses. ...
doi:10.7148/2011-0342-0347
dblp:conf/ecms/TeilansKKRMD11
fatcat:7bgkzceoevc5dol6kwuyqaehuu
BUSINESS PROCESS MANAGEMENT, AN IMPORTANT AID IN OPTIMIZING ORGANIZATIONAL PROCESSES IN NATIONAL SECURITY INSTITUTIONS
2018
Journal of Defense Resources Management
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
awareness of information security risks. ...
of management and must involve all departments and activities of an organization, from professionals in the field to information to users. ...
Misuse of systems (hacking) is also one of the major risk factors of security systems. ...
doaj:25d04258a9424d8cbf7ff8d3c2b868bd
fatcat:2bbzjfmj2bd2rgllnkelfkecqa
Assessment of Cyber Physical System Risks with Domain Specific Modelling and Simulation
2018
Труды СПИИРАН
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Design of a unified modelling language based domain specific language described in this paper achieves synergy from in IT industry widely used UML modelling technique and the domain specific risk management ...
As a novelty for UML modelling, especially for simulation purposes, the presented DSL is enriched by a set of stochastic attributes of modelled activities. ...
The research described in Section 5 supported by the state research #0073-2018-0003 (# of state registr. AAAA-A16-116030250074-1). ...
doi:10.15622/sp.59.5
fatcat:6j26mrtfuncmnfn5ljns7d7owa
Security Requirement Engineering Issues in Risk Management
2011
International Journal of Computer Applications
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Risk management is one of the most important aspects of security requirement engineering domain, which allows comparing security needs and costs of security measures. ...
Keyword Information System, Requirement Engineering, Security Requirements. ...
CORAS provides a customised language for threat and risk modelling, and comes with detailed guidelines explaining how the language should be used to capture and model relevant information during the various ...
doi:10.5120/2218-2827
fatcat:7bpgwhjmwjgqziaacsfa7ojc5e
Towards the ENTRI Framework: Security Risk Management Enhanced by the Use of Enterprise Architectures
[chapter]
2015
Lecture Notes in Business Information Processing
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Secure information systems engineering is currently a critical but complex concern. ...
In this paper, we motivate the added value of EAM to improve security risk management and propose a research agenda towards a complete framework integrating both domains. ...
Wieringa for his valuable inputs and recommendations about Design Science Methodology. Supported by the National Research Fund, Luxembourg, and financed by the ENTRI project (C14/IS/8329158). ...
doi:10.1007/978-3-319-19243-7_42
fatcat:iv2sw7zbjvdapazwsqz53nemg4
Prospective Tracks in the MSIS 2000 Model Curriculum Framework
2003
Americas Conference on Information Systems
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
A career track consists of four or more related electives that provides students an opportunity for specialization within information systems. ...
The latest report on MSIS 2000: Model Curriculum and Guidelines for Graduate Degree Programs in Information Systems introduced Career Tracks as one of the curriculum building blocks. ...
The core topics in this course are: designing, implementing, managing, and auditing security at all levels; techniques for assessing risk associated with accidental and international breaches of security ...
dblp:conf/amcis/GorgoneK03
fatcat:ydwgtcgwxbaifbzn6k2f2q2sme
Towards Cloud Computing SLA Risk Management: Issues and Challenges
2012
2012 45th Hawaii International Conference on System Sciences
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
This paper attempts to identify these issues and their corresponding challenges, proposing to use risk and Service Level Agreement (SLA) management as the basis for a service level framework to improve ...
governance, risk and compliance in cloud computing environments. 2012 45th Hawaii International Conference on System Sciences 978-0-7695-4525-7/12 $26.00 ...
Acknowledgements This work is part of the CLOVIS project jointly supported by the Swiss SNF and Luxembourg FNR Lead Agency agreement; under Swiss National Science Foundation grant number 200021E-136316 ...
doi:10.1109/hicss.2012.602
dblp:conf/hicss/MorinAG12
fatcat:7y24lesecfc2xh2jq6rio4h764
Managing changes with legacy security engineering processes
2011
Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We identify some mapping concepts among the domains so that little knowledge is required from the requirement manager about the other domains, and similarly for security risk manager and the system designer ...
We illustrate this example by using the risk modeling language (Security DSML) from Thales Research and the security requirement language (SI*) from the Univ. of Trento. ...
ACKNOWLEDGMENT
This work has been partly funded by EU project -Network of Excellence on Engineering Secure Future Internet Software (NESSoS) and by the EU-FP7-FET-IP-SecureChange project. ...
doi:10.1109/isi.2011.5984064
dblp:conf/isi/FelixDMP11
fatcat:24imhaucgrerxnrcunktoct7le
Integrating Security Requirements Engineering into MBSE: Profile and Guidelines
2020
Security and Communication Networks
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Model-Based System Engineering (MBSE) provides a number of ways on how to create, validate, and verify the complex system design; unfortunately, the inherent security aspects are addressed neither by the ...
Although there are many common points between MBSE and security requirements engineering, the key advantages of MBSE (such as managed complexity, reduced risk and cost, and improved communication across ...
Conflicts of Interest e authors declare that they have no conflicts of interest regarding the publication of this paper. ...
doi:10.1155/2020/5137625
fatcat:dd2l3qlnw5hdvnzrjhc34daphq
STAR-TRANS Modeling Language (STML) modeling risk in the STAR-TRANS risk assessment framework for interconnected transportation systems
2012
International Conference on Information Systems for Crisis Response and Management
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
STAR-TRANS is a comprehensive transportation security risk assessment framework for assessing related risks that provides cohered contingency management procedures for interconnected, interdependent and ...
The present paper introduces a high level modeling language, capable of expressing the concepts and processes of the Strategic Risk Assessment and Contingency Planning in Interconnected Transportation ...
ACKNOWLEDGEMENTS This work is part of the project "Strategic Risk Assessment and Contingency Planning in Interconnected Transportation Networks" ICT-FP7-225594 STAR-TRANS, funded by the European Commission ...
dblp:conf/iscram/ZisiadisKGTLT12
fatcat:azsmshjijrc6lhkrzzhlxtd3zi
Applying the Layered Decision Model to the Design of Language-Based Security Systems
2006
2006 IEEE International Conference on Information Reuse & Integration
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2008; you can also visit the original URL.
The file type is application/pdf.
These practices also apply to the language-based defense mechanism for a software system, which is a subset of a networked security system. ...
It then explores how to apply the LDM in the design of cost-effective language-based defense mechanisms for software systems through a sample analysis. ...
We applied the LDM to the design of language-based security for a sample Web-based management software system for a local government agency. ...
doi:10.1109/iri.2006.252410
dblp:conf/iri/WeiA06
fatcat:iguhiksnaffs7ltb46w53epfqq
Guiding the selection of security patterns based on security requirements and pattern classification
2015
Proceedings of the 20th European Conference on Pattern Languages of Programs - EuroPLoP '15
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
On the other hand, security risk management is an iterative approach that consists of: (1) a risk assessment activity for identifying, analyzing and evaluating security risks and (2) a risk treatment activity ...
For illustration purposes, we consider an example of a SCADA (Supervisory Control And Data Acquisition) system. ...
This work is conducted in the context of a Ph.D. thesis funded by CEA LIST and co-leaded by CEA (LISE) and IRIT (MACAO). In addition, we would like to thank our shepherd Dr. Eduardo B. ...
doi:10.1145/2855321.2855332
dblp:conf/europlop/MotiiHLB15
fatcat:uezbkcpukvd5rph3oaq2bjyijm
Analysis of the Competencies of Information Security Consultants: Comparison between Required Level and Retention Level
2015
Indian Journal of Science and Technology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
This research aims to provide guidelines for successful information security consulting and training of information security consultants by looking into the core competencies of information security consultants ...
Recently, the increasing demand of information security consulting and securing workforce for information security consulting companies have emerged as major pending issues especially with the expansion ...
Logan 7 proposed a security management system by connecting knowledge and skills related to information security, security construction and model, operating system security, etc. with the educational process ...
doi:10.17485/ijst/2015/v8i21/79119
fatcat:vl5xscj6jjhuljbph6shfrntkq
A Solution Model and Tool for Supporting the Negotiation of Security Decisions in E-Business Collaborations
2010
2010 Fifth International Conference on Internet and Web Applications and Services
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Our research has investigated this topic in substantial detail, and in this paper we present a novel solution model and tool for supporting businesses through these tasks. ...
Issues arise due to semantic gaps, disparity in security documentation and formats, and incomplete security-related information during negotiations, to say the least. ...
SOLUTION MODEL The Solution Model, shown in Figure 1 , contains four components: Security Actions Analysis, Ontology Design, Language Definition and Risk Catalogue Creation. ...
doi:10.1109/iciw.2010.10
fatcat:b4kfuk4cs5h2nnz5d3xqmrkoau
A Survey on Design Methods for Secure Software Development
2017
INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Software provide services that may come with some vulnerabilities or risks. Attackers perform actions that break security of system through threats and cause a failure. ...
Second, the paper list a set of the most widely used specification languages with the advantages and disadvantages for each. ...
We also summarized a set of the specification languages used to identify attack in the software with a list of advantages and disadvantages for each one. ...
doi:10.24297/ijct.v16i7.6467
fatcat:bahmx7wjzbhfdf5bkmkeinhn7y
« Previous
Showing results 1 — 15 out of 245,171 results