Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
Model-based security analysis in seven steps --- a guided tour to the CORAS method
BT Technology Journal
AURUM: A Framework for Information Security Risk Management
HICSS '09 Proceedings of the 42nd Hawaii International Conference on System Sciences
Software Language Engineering: Creating Domain-Specific Languages Using Metamodels
Software Language Engineering: Creating Domain-Specific Languages Using Metamodels
Automated analysis of security-design models
Information and Software Technology
Model-driven business process security requirement specification
Journal of Systems Architecture: the EUROMICRO Journal
Requirements Engineering - Special Issue on RE'09: Security Requirements Engineering; Guest Editors: Eric Dubois and Haralambos Mouratidis
Towards CIM to PIM transformation: from secure business processes defined in BPMN to use-cases
BPM'07 Proceedings of the 5th international conference on Business process management
Secure Systems Development with UML
Secure Systems Development with UML
Model-based qualitative risk assessment for availability of IT infrastructures
Software and Systems Modeling (SoSyM)
Agile security using an incremental security architecture
XP'05 Proceedings of the 6th international conference on Extreme Programming and Agile Processes in Software Engineering
Hi-index | 0.00 |
Modeling results from risk assessment and the selection of safeguards is an important activity in information security management. Many approaches for this activity focus on an organizational perspective, are embedded in heavyweight processes and tooling and require extensive preliminaries. We propose a lightweight approach introducing SeCoML - a readable language on top of an established methodology within an open framework. Utilizing standard tooling for creation, management and analysis of SeCoML models our approach supports security engineering and integrates well in different environments. Also, we report on early experiences of the language's use.