A Meta Model for Structured Workflows Supporting Workflow Transformations
ADBIS '02 Proceedings of the 6th East European Conference on Advances in Databases and Information Systems
Security and Privacy Requirements Analysis within a Social Setting
RE '03 Proceedings of the 11th IEEE International Conference on Requirements Engineering
Modelling Contexts in the Or-BAC Model
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Tropos: An Agent-Oriented Software Development Methodology
Autonomous Agents and Multi-Agent Systems
Eliciting security requirements with misuse cases
Requirements Engineering
On Modelling Access Policies: Relating Roles to their Organisational Context
RE '05 Proceedings of the 13th IEEE International Conference on Requirements Engineering
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
An evaluation of conceptual business process modelling languages
Proceedings of the 2006 ACM symposium on Applied computing
Exploring Intentional Modeling and Analysis for Enterprise Architecture
EDOCW '06 Proceedings of the 10th IEEE on International Enterprise Distributed Object Computing Conference Workshops
Computer Standards & Interfaces
Model based development of access policies
International Journal on Software Tools for Technology Transfer (STTT)
Model-based security analysis for mobile communications
Proceedings of the 30th international conference on Software engineering
RGPS: a unified requirements meta-modeling frame for networked software
Proceedings of the 3rd international workshop on Applications and advances of problem frames
Context Ontology for Secure Interoperability
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Incorporating Security Requirements Engineering into the Rational Unified Process
ISA '08 Proceedings of the 2008 International Conference on Information Security and Assurance (isa 2008)
Modeling and Enforcing Advanced Access Control Policies in Healthcare Systems with Sectet
Models in Software Engineering
A Model-Driven Approach for the Specification and Analysis of Access Control Policies
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
An aspect-oriented methodology for designing secure applications
Information and Software Technology
Requirements-based Access Control Analysis and Policy Specification (ReCAPS)
Information and Software Technology
Automatic generation of workflow-extended domain models
MODELS'07 Proceedings of the 10th international conference on Model Driven Engineering Languages and Systems
Seventh international workshop on software engineering for secure systems (SESS 2011)
Proceedings of the 33rd International Conference on Software Engineering
Hi-index | 0.00 |
Over the past years, research on specifying, designing and developing secured information systems (IS) has been very active. Some contributions have focused on integrating security aspects, mainly access control mechanisms, at the implementation phase. Others pay a particular attention to the capture and analysis of security requirements. However, to our knowledge, no method addresses the whole problem of the specification of security requirements and their transformation through all the phases of the IS development life cycle. We argue that better Secured IS can be obtained if security issues are taken into account at an earlier phase of the system life cycle and integrated with functional aspects along the whole life cycle. This paper is a step forward to a comprehensive security conceptual meta-model encompassing the main security properties such as availability, integrity, confidentiality, and accountability. It integrates functional and non-functional requirements. It includes social, organizational as well as informational aspects. This meta-model is the backbone of our approach.