An object-oriented framework for model management and DSS development
Decision Support Systems
Software engineering for security: a roadmap
Proceedings of the Conference on The Future of Software Engineering
An agent-based approach for building complex software systems
Communications of the ACM
Agent-oriented software engineering: the state of the art
First international workshop, AOSE 2000 on Agent-oriented software engineering
Model driven security for process-oriented systems
Proceedings of the eighth ACM symposium on Access control models and technologies
Using Abuse Case Models for Security Requirements Analysis
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Modelling secure multiagent systems
AAMAS '03 Proceedings of the second international joint conference on Autonomous agents and multiagent systems
Modelling strategic relationships for process reengineering
Modelling strategic relationships for process reengineering
Tropos: An Agent-Oriented Software Development Methodology
Autonomous Agents and Multi-Agent Systems
Eliciting security requirements with misuse cases
Requirements Engineering
Viewing business-process security from different perspectives
International Journal of Electronic Commerce - Special issue: Developing the business components of the digital economy
Integrating Security and Software Engineering: Advances and Future Vision
Integrating Security and Software Engineering: Advances and Future Vision
Tools for secure systems development with UML
International Journal on Software Tools for Technology Transfer (STTT)
Constraint based role based access control in the SECTET-framework: A model-driven approach
Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
Secure Systems Development with UML
Secure Systems Development with UML
Towards a comprehensive framework for secure systems development
CAiSE'06 Proceedings of the 18th international conference on Advanced Information Systems Engineering
Evaluation of the Pattern-based method for Secure Development (PbSD): A controlled experiment
Information and Software Technology
Hi-index | 0.00 |
In CAiSE 2006, we had presented a framework to support development of secure information systems. The framework was based on the integration of two security-aware approaches, the Secure Tropos methodology, which provides an approach for security requirements elicitation, and the UMLsec approach, which allows one to include the security requirements into design models and offers tools for security analysis. In this paper we reflect on the usage of this framework and we report our experiences of applying it to two different industrial case studies from the health care domain. However, due to lack of space we only describe in this paper one of the case studies. Our findings demonstrate that the support of the framework for the consideration of security issues from the early stages and throughout the development process can result in a substantial improvement in the security of the analysed systems.