Information security evaluation of software-intensive systems typically relies heavily on the experience of security professionals. Obviously, automated approaches are needed in this field. Unfortunately, there is no practical approach to carrying out security evaluation in a systematic way. We introduce a general-level holistic framework for security evaluation based on security behaviour modelling and security evidence collection, and discuss its applicability to the design of security evaluation experimentation set-ups in real-world systems.