4,853 Hits in 3.9 sec

Towards a Requirements-Driven Workbench for Supporting Software Certification and Accreditation

Seok-Won Lee, Robin A. Gandhi, Siddharth Wagle
2007 Third International Workshop on Software Engineering for Secure Systems (SESS'07: ICSE Workshops 2007)  
The primary contributions of this paper are: identifying key areas of automation and tool support for requirements-driven certification activities; an ontology-driven dynamic and flexible workbench architecture  ...  Security certification activities for software systems rely heavily on requirements mandated by regulatory documents and their compliance evidences to support accreditation decisions.  ...  As we move from platform-specific architectures towards net-centricity, sharing and reuse of C&A artifacts, supporting tools, requirements models, and domain knowledge is critical.  ... 
doi:10.1109/sess.2007.11 dblp:conf/icse/LeeGW07 fatcat:k4zqpdnh5rgdrjw46ahlq3tqu4

Process Artifacts Defined as an Aspectual Service to System Models

Robin Gandhi, Siddharth Wagle, Seok-won Lee
2006 2006 Service-Oriented Computing: Consequences for Engineering Requirements (SOCCER'06 - RE'06 Workshop)  
We discuss our approach in the context of designing tool support for a system security Certification and Accreditation (C&A) process automation based on service-oriented and aspect-oriented design paradigms  ...  Therefore, our focus is on early separation of process related cross-cutting concerns from generic tool-support services for creating, browsing, accessing, querying, inferencing, and visualizing associated  ...  Acknowledgement: This work is partially supported by grant from SPAWAR Systems Center, Department of Navy, Charleston, SC, USA.  ... 
doi:10.1109/soccer.2006.7 fatcat:gmcu4zkwnbenrmyky3fgvco4g4

Model-Based System Engineering and Software System Safety Workshop

Barry Hendrix, Saralyn Dwyer, Dave West
2017 Journal of System Safety  
Donna Havrisik, Government Agency System Engineering; Josh McNeil, AMRDEC Software Engineering Directorate (SED); David Arterburn, University of Alabama Huntsville; Joe Hale, NASA; and Paul Gill, NASA.  ...  The G-48 System Safety Committee sponsored a Model-Based System Engineering (MBSE) and Software System Safety (SSS) workshop, hosted by A-P-T Research, Inc.  ...  Their input in the form of presentation documentation and verbal presentations to a large  ... 
doi:10.56094/jss.v53i3.110 fatcat:4xb5kaec4jgkvnmwkmsmezeexi

Active Automation of the DITSCAP [chapter]

Seok Won Lee, Robin A. Gandhi, Gail-Joon Ahn, Deepak S. Yavagal
2005 Lecture Notes in Computer Science  
certification and accreditation (C&A) framework with appropriate tool support.  ...  For such a critical infrastructure to effectively mitigate risk, optimize its security posture and evaluate its information assurance practices, we identify the need for a structured and comprehensive  ...  We acknowledge the support and encouragement from Scott West, John Linden, Bill Bolick, and Bill Chu. Finally, we thank Divya Muthurajan and Vikram Parekh for their contributions to this research.  ... 
doi:10.1007/11427995_46 fatcat:pdefjnmf2bewzc2hqdd5mujlqq

Collaborative Quality Management [chapter]

Goknur Arzu
2011 Supply Chain Management - Pathways for Research and Practice  
Support for a document and knowledge management system to satisfy the requirements regarding the system documentation of multiple quality management systems.  ...  and strategic time frames as well as control, assurance and management dimensions of quality.  Support for collaborative business reengineering tools, allowing continuous improvement, alignment and restructuring  ...  Collaborative Quality Management, Supply Chain Management -Pathways for Research and Practice, Prof.  ... 
doi:10.5772/20063 fatcat:4w3gp25errcbti3rpamplml3zi

Cloud-Centric Assured Information Sharing [chapter]

2013 Developing and Securing the Cloud  
In this paper we describe the design and implementation of cloudbased assured information sharing systems.  ...  In particular, we will describe our current implementation of a centralized cloud-based assured information sharing system and the design of a decentralized hybrid cloud-based assured information sharing  ...  CAISS utilizes several of the technologies we have developed for AFOS as well as open source tools.  ... 
doi:10.1201/b15433-41 fatcat:m27n53wcb5es5iszmsz2ysnvky

Cloud-Centric Assured Information Sharing [chapter]

Bhavani Thuraisingham, Vaibhav Khadilkar, Jyothsna Rachapalli, Tyrone Cadenhead, Murat Kantarcioglu, Kevin Hamlen, Latifur Khan, Farhan Husain
2012 Lecture Notes in Computer Science  
In this paper we describe the design and implementation of cloudbased assured information sharing systems.  ...  In particular, we will describe our current implementation of a centralized cloud-based assured information sharing system and the design of a decentralized hybrid cloud-based assured information sharing  ...  CAISS utilizes several of the technologies we have developed for AFOS as well as open source tools.  ... 
doi:10.1007/978-3-642-30428-6_1 fatcat:isjiaenyljdv3fqdenntqpfpzu

Developing Software Quality and Testing Capabilities in Hispanic America: Challenges and Prospects [chapter]

Ignacio Trejos-Zelaya
2019 The Future of Software Quality Assurance  
This chapter presents a summary of the Hispanic America region status and prospects in software engineering-particularly those regarding software quality and software testing.  ...  Testing, colleagues of the JIISIC and SLISW Latin American conferences on software engineering and my family-for their patience (one more time!).  ...  Acknowledgements I thank Stephan Goericke and Agustina Gay of iSQI for the invitation to contribute, Santiago Castaño of the HASTQB for sharing statistical data, Carolina Triana for documents on Choucair  ... 
doi:10.1007/978-3-030-29509-7_14 fatcat:b5pygoo25zcn5gdnc6u327w3py

Toward a Lifecycle Information Framework and Technology in Manufacturing

Thomas Hedberg, Allison Barnard Feeney, Moneer Helu, Jaime A. Camelio
2017 Journal of Computing and Information Science in Engineering  
Industry has been chasing the dream of integrating and linking data across the product lifecycle and enterprises for decades.  ...  LIFT is a conceptual framework for lifecycle information management and the integration of emerging and existing technologies, which together form the basis of a research agenda for dynamic information  ...  Office of Naval Research) and Dr. William Regli (Defense Advanced Research Projects Agency) for the helpful insight and feedback they provided.  ... 
doi:10.1115/1.4034132 pmid:28265224 pmcid:PMC5335795 fatcat:l432wvouqze7xk556rrovr257i

Enabling mHealth While Assuring Compliance: Reliable and Secure Information Access in a Mobile World

Axel Wirth
2012 Biomedical Instrumentation & Technology  
For patients, mHealth can provide improved access to their health information, more consistent and reliable health services, flexible communication with their physicians, and access to enhanced education  ...  From switching and routing to HL7 and DICOM, our classes give you the knowledge and confidence to support this everchanging environment.  ...  Enabling mHealth While Assuring Compliance Reliable and Secure Information Access in a Mobile World Axel Wirth mHealth is defined as the practice of medicine or the provision of health services supported  ... 
doi:10.2345/0899-8205-46.s2.91 pmid:23039784 fatcat:lueaoh3xmvccthssxxzv2h4a74

New Opportunities for Integrated Formal Methods [article]

Mario Gleirscher, Simon Foster, Jim Woodcock
2019 arXiv   pre-print
From the perspective of the assurance of robots and autonomous systems (RAS), we highlight new opportunities for integrated formal methods and identify threats to the adoption of such methods.  ...  Based on these opportunities and threats, we develop an agenda for fundamental and empirical research on integrated formal methods and for successful transfer of validated research to RAS assurance.  ...  Acknowledgements: We would like to thank Michael Butler, Ana Cavalcanti, John Fitzgerald, Cliff Jones, and Peter Gorm Larsen for very helpful feedback and discussions on the direction of this work.  ... 
arXiv:1812.10103v3 fatcat:rh3fcilrubfpje6k2sjdilg4ba

Advanced Systems Engineering [chapter]

Manfred Broy, Wolfgang Böhm, Bernhard Rumpe
2020 Model-Based Engineering of Collaborative Embedded Systems  
AbstractAdvanced systems engineering (ASE) is a new paradigm for agile, efficient, evolutionary, and quality-aware development of complex cyber-physical systems using modern digital technologies and tools  ...  German Federal Ministry of Education and Research (BMBF) projects SPES2020, SPES_XT, and CrESt offer such a methodology and framework for model-based systems engineering (MBSE).  ...  ) and the tools used; conventional processes such as sequential, disciplinespecific development no longer meet the new requirements  Strictly systems-centric approach for the holistic integration of the  ... 
doi:10.1007/978-3-030-62136-0_19 fatcat:q5hth2yvgjbl7bivwcktfrujka

Information systems security engineering

James F. Davis
2004 ACM SIGAda Ada Letters  
The purpose of this research paper is to illustrate the industrial and federal need for Information Systems Security Engineering (ISSE) in order to build Information Assurance (IA) into a system rather  ...  This paper was written to illustrate a way forward, a method to bring ISSE to the frontlines of systems engineering and bring to life a notional concept of Designing for Security.  ...  The certification track consists of a broad-based, limited depth of knowledge certification in Information Assurance, Certified Information Systems Security Professional (CISSP), as well as three different  ... 
doi:10.1145/1046191.1032300 fatcat:ifzwxg5h6vhg3l7mfgirfqv6na

Comparison of Secure Development Frameworks for Korean e-Government Systems

Dongsu Seo
2014 International Journal of Security and Its Applications  
Recently, new development guides have been announced for building secure e-government systems by the Korean government.  ...  The guides aim to reduce significant amount of security vulnerabilities and weaknesses inside source codes using secure coding practices.  ...  Acknowledgements This work was supported by the Sungshin Women's University Research Grant of 2012  ... 
doi:10.14257/ijsia.2014.8.1.33 fatcat:hhg7x6vbu5aa3m5mp7irywvjwu

User centricity: A taxonomy and open issues*

Abhilasha Bhargav-Spantzel, Jan Camenisch, Thomas Gross, Dieter Sommer, A. Goto
2007 Journal of Computer Security  
We do neither claim a solution for universal user-centric systems nor for the extension beyond the boundaries † of user-centricity, however, we establish a starting point for both ventures by leveraging  ...  User centricity is a significant concept in federated identity management (FIM), as it provides for stronger user control and privacy.  ...  Attribute privacy refers to the concept of giving the user control over her attribute data. This is supported by giving the system assurance support and allowing for user-chosen IdPs.  ... 
doi:10.3233/jcs-2007-15502 fatcat:w5wuna6sbrakhbf2e2mc4zpndi
« Previous Showing results 1 — 15 out of 4,853 results