245,171 Hits in 7.0 sec

Domain Specific Simulation Language For IT Risk Assessment

Artis Teillans, Arnis Kleins, Ojars Krasts, Andrejs Romanovs, Yuri Merkuryev, Pjotrs Dorogovs
2011 ECMS 2011 Proceedings edited by: T. Burczynski, J. Kolodziej, A. Byrski, M. Carvalho  
Information technology systems represent the backbone of a company's operational infrastructure.  ...  As a novelty for UML modelling, especially for simulation purposes, the presented DSL is enriched by a set of stochastic attributes of modelled activities.  ...  The CORAS language is a graphical modelling language for communication, documentation and analysis of security threat and risk scenarios in security risk analyses.  ... 
doi:10.7148/2011-0342-0347 dblp:conf/ecms/TeilansKKRMD11 fatcat:7bgkzceoevc5dol6kwuyqaehuu


Laurentiu Barcan
2018 Journal of Defense Resources Management  
awareness of information security risks.  ...  of management and must involve all departments and activities of an organization, from professionals in the field to information to users.  ...  Misuse of systems (hacking) is also one of the major risk factors of security systems.  ... 
doaj:25d04258a9424d8cbf7ff8d3c2b868bd fatcat:2bbzjfmj2bd2rgllnkelfkecqa

Assessment of Cyber Physical System Risks with Domain Specific Modelling and Simulation

Artis Andreevich Teilans, Andrejs Vasil'evich Romanovs, Yuri Anatolievich Merkuryev, Pjotrs Petrovich Dorogovs, Arnis Yanovich Kleins, Semen Alekseevich Potryasaev
2018 Труды СПИИРАН  
Design of a unified modelling language based domain specific language described in this paper achieves synergy from in IT industry widely used UML modelling technique and the domain specific risk management  ...  As a novelty for UML modelling, especially for simulation purposes, the presented DSL is enriched by a set of stochastic attributes of modelled activities.  ...  The research described in Section 5 supported by the state research #0073-2018-0003 (# of state registr. AAAA-A16-116030250074-1).  ... 
doi:10.15622/sp.59.5 fatcat:6j26mrtfuncmnfn5ljns7d7owa

Security Requirement Engineering Issues in Risk Management

Dhirendra Pandey, Ugrasen Suman, A. K. Ramani
2011 International Journal of Computer Applications  
Risk management is one of the most important aspects of security requirement engineering domain, which allows comparing security needs and costs of security measures.  ...  Keyword Information System, Requirement Engineering, Security Requirements.  ...  CORAS provides a customised language for threat and risk modelling, and comes with detailed guidelines explaining how the language should be used to capture and model relevant information during the various  ... 
doi:10.5120/2218-2827 fatcat:7bpgwhjmwjgqziaacsfa7ojc5e

Towards the ENTRI Framework: Security Risk Management Enhanced by the Use of Enterprise Architectures [chapter]

Nicolas Mayer, Eric Grandry, Christophe Feltus, Elio Goettelmann
2015 Lecture Notes in Business Information Processing  
Secure information systems engineering is currently a critical but complex concern.  ...  In this paper, we motivate the added value of EAM to improve security risk management and propose a research agenda towards a complete framework integrating both domains.  ...  Wieringa for his valuable inputs and recommendations about Design Science Methodology. Supported by the National Research Fund, Luxembourg, and financed by the ENTRI project (C14/IS/8329158).  ... 
doi:10.1007/978-3-319-19243-7_42 fatcat:iv2sw7zbjvdapazwsqz53nemg4

Prospective Tracks in the MSIS 2000 Model Curriculum Framework

John Gorgone, Vijay Kanabar
2003 Americas Conference on Information Systems  
A career track consists of four or more related electives that provides students an opportunity for specialization within information systems.  ...  The latest report on MSIS 2000: Model Curriculum and Guidelines for Graduate Degree Programs in Information Systems introduced Career Tracks as one of the curriculum building blocks.  ...  The core topics in this course are: designing, implementing, managing, and auditing security at all levels; techniques for assessing risk associated with accidental and international breaches of security  ... 
dblp:conf/amcis/GorgoneK03 fatcat:ydwgtcgwxbaifbzn6k2f2q2sme

Towards Cloud Computing SLA Risk Management: Issues and Challenges

Jean-Henry Morin, Jocelyn Aubert, Benjamin Gateau
2012 2012 45th Hawaii International Conference on System Sciences  
This paper attempts to identify these issues and their corresponding challenges, proposing to use risk and Service Level Agreement (SLA) management as the basis for a service level framework to improve  ...  governance, risk and compliance in cloud computing environments. 2012 45th Hawaii International Conference on System Sciences 978-0-7695-4525-7/12 $26.00  ...  Acknowledgements This work is part of the CLOVIS project jointly supported by the Swiss SNF and Luxembourg FNR Lead Agency agreement; under Swiss National Science Foundation grant number 200021E-136316  ... 
doi:10.1109/hicss.2012.602 dblp:conf/hicss/MorinAG12 fatcat:7y24lesecfc2xh2jq6rio4h764

Managing changes with legacy security engineering processes

Edith Felix, Olivier Delande, Fabio Massacci, Federica Paci
2011 Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics  
We identify some mapping concepts among the domains so that little knowledge is required from the requirement manager about the other domains, and similarly for security risk manager and the system designer  ...  We illustrate this example by using the risk modeling language (Security DSML) from Thales Research and the security requirement language (SI*) from the Univ. of Trento.  ...  ACKNOWLEDGMENT This work has been partly funded by EU project -Network of Excellence on Engineering Secure Future Internet Software (NESSoS) and by the EU-FP7-FET-IP-SecureChange project.  ... 
doi:10.1109/isi.2011.5984064 dblp:conf/isi/FelixDMP11 fatcat:24imhaucgrerxnrcunktoct7le

Integrating Security Requirements Engineering into MBSE: Profile and Guidelines

D. Mažeika, R. Butleris
2020 Security and Communication Networks  
Model-Based System Engineering (MBSE) provides a number of ways on how to create, validate, and verify the complex system design; unfortunately, the inherent security aspects are addressed neither by the  ...  Although there are many common points between MBSE and security requirements engineering, the key advantages of MBSE (such as managed complexity, reduced risk and cost, and improved communication across  ...  Conflicts of Interest e authors declare that they have no conflicts of interest regarding the publication of this paper.  ... 
doi:10.1155/2020/5137625 fatcat:dd2l3qlnw5hdvnzrjhc34daphq

STAR-TRANS Modeling Language (STML) modeling risk in the STAR-TRANS risk assessment framework for interconnected transportation systems

Dimitris Zisiadis, Spyros Kopsidas, Vassilis Grizis, George Thanos, George Leventakis, Leandros Tassiulas
2012 International Conference on Information Systems for Crisis Response and Management  
STAR-TRANS is a comprehensive transportation security risk assessment framework for assessing related risks that provides cohered contingency management procedures for interconnected, interdependent and  ...  The present paper introduces a high level modeling language, capable of expressing the concepts and processes of the Strategic Risk Assessment and Contingency Planning in Interconnected Transportation  ...  ACKNOWLEDGEMENTS This work is part of the project "Strategic Risk Assessment and Contingency Planning in Interconnected Transportation Networks" ICT-FP7-225594 STAR-TRANS, funded by the European Commission  ... 
dblp:conf/iscram/ZisiadisKGTLT12 fatcat:azsmshjijrc6lhkrzzhlxtd3zi

Applying the Layered Decision Model to the Design of Language-Based Security Systems

Huaqiang Wei, Jim Alves-Foss
2006 2006 IEEE International Conference on Information Reuse & Integration  
These practices also apply to the language-based defense mechanism for a software system, which is a subset of a networked security system.  ...  It then explores how to apply the LDM in the design of cost-effective language-based defense mechanisms for software systems through a sample analysis.  ...  We applied the LDM to the design of language-based security for a sample Web-based management software system for a local government agency.  ... 
doi:10.1109/iri.2006.252410 dblp:conf/iri/WeiA06 fatcat:iguhiksnaffs7ltb46w53epfqq

Guiding the selection of security patterns based on security requirements and pattern classification

Anas Motii, Brahim Hamid, Agnès Lanusse, Jean-Michel Bruel
2015 Proceedings of the 20th European Conference on Pattern Languages of Programs - EuroPLoP '15  
On the other hand, security risk management is an iterative approach that consists of: (1) a risk assessment activity for identifying, analyzing and evaluating security risks and (2) a risk treatment activity  ...  For illustration purposes, we consider an example of a SCADA (Supervisory Control And Data Acquisition) system.  ...  This work is conducted in the context of a Ph.D. thesis funded by CEA LIST and co-leaded by CEA (LISE) and IRIT (MACAO). In addition, we would like to thank our shepherd Dr. Eduardo B.  ... 
doi:10.1145/2855321.2855332 dblp:conf/europlop/MotiiHLB15 fatcat:uezbkcpukvd5rph3oaq2bjyijm

Analysis of the Competencies of Information Security Consultants: Comparison between Required Level and Retention Level

Se-Yun Kim, Seong Taek Park, Mi Hyun Ko
2015 Indian Journal of Science and Technology  
This research aims to provide guidelines for successful information security consulting and training of information security consultants by looking into the core competencies of information security consultants  ...  Recently, the increasing demand of information security consulting and securing workforce for information security consulting companies have emerged as major pending issues especially with the expansion  ...  Logan 7 proposed a security management system by connecting knowledge and skills related to information security, security construction and model, operating system security, etc. with the educational process  ... 
doi:10.17485/ijst/2015/v8i21/79119 fatcat:vl5xscj6jjhuljbph6shfrntkq

A Solution Model and Tool for Supporting the Negotiation of Security Decisions in E-Business Collaborations

Jason R. C. Nurse, Jane E. Sinclair
2010 2010 Fifth International Conference on Internet and Web Applications and Services  
Our research has investigated this topic in substantial detail, and in this paper we present a novel solution model and tool for supporting businesses through these tasks.  ...  Issues arise due to semantic gaps, disparity in security documentation and formats, and incomplete security-related information during negotiations, to say the least.  ...  SOLUTION MODEL The Solution Model, shown in Figure 1 , contains four components: Security Actions Analysis, Ontology Design, Language Definition and Risk Catalogue Creation.  ... 
doi:10.1109/iciw.2010.10 fatcat:b4kfuk4cs5h2nnz5d3xqmrkoau

A Survey on Design Methods for Secure Software Development

Ola M.Surakhi, Amjad Hudaib, Mohammad AlShraideh, Mohammad Khanafseh
Software provide services that may come with some vulnerabilities or risks. Attackers perform actions that break security of system through threats and cause a failure.  ...  Second, the paper list a set of the most widely used specification languages with the advantages and disadvantages for each.  ...  We also summarized a set of the specification languages used to identify attack in the software with a list of advantages and disadvantages for each one.  ... 
doi:10.24297/ijct.v16i7.6467 fatcat:bahmx7wjzbhfdf5bkmkeinhn7y
« Previous Showing results 1 — 15 out of 245,171 results