Internet Archive Scholar

Incorporating Security Requirements from Legal Regulations into UMLsec model

Shareeful Islam, Jan Jürjens
2008 ACM/IEEE International Conference on Model Driven Engineering Languages and Systems  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (204.7 kB)
https://web.archive.org/web/20220121070632/http://ceur-ws.org/Vol-413/paper14.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL. The file type is application/pdf.

Compliance with law, industry standards, and corporate governance regulations are one of the driving factors for discovering security requirements. This paper aims to incorporate constraints from regulations through security requirements at an early stage of development. Constraints are extracted using a pattern based approach from legal texts of information security laws and policies derived from the security standard ISO/IEC 27001:2005. The UML extension UMLsec is then used to address whether
more » ... the security requirements defined in a UMLsec model implement these constraints successfully.
dblp:conf/models/IslamJ08 fatcat:cfzwuf6a4zbjjhepofovpzno5q
Citation

Shareeful Islam, Jan Jürjens. "Incorporating Security Requirements from Legal Regulations into UMLsec model." ACM/IEEE International Conference on Model Driven Engineering Languages and Systems (2008)