Communicating sequential processes
Communicating sequential processes
Risk analysis as a source of professional knowledge
Computers and Security
Information systems security design methods: implications for information systems development
ACM Computing Surveys (CSUR)
Computer communications security: principles, standard protocols and techniques
Computer communications security: principles, standard protocols and techniques
Security modelling for organisations
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Role-Based Access Control Models
Computer
A formal model to aid documenting and harmonizing of information security requirements
SEC'97 Proceedings of the IFIP TC11 13 international conference on Information Security (SEC '97) on Information security in research and business
Toward a secure system engineering methodolgy
Proceedings of the 1998 workshop on New security paradigms
Journal of Computer Security
Information Systems Security
A Framework for the Management of Information Security
ISW '97 Proceedings of the First International Workshop on Information Security
ACM SIGOPS Operating Systems Review
A Mechanism for Deriving Specifications of Security Functions in the CC Framework
DEXA '99 Proceedings of the 10th International Conference on Database and Expert Systems Applications
Information Resources Management Journal
Hi-index | 0.01 |
Functional security requirements of information systems can roughly be classified into two: computer security requirements and communications security requirements. Challenges for developing notations for expressing these requirements are numerous, most importantly the difficulty of dealing with layers of abstraction, flexibility to adapt into many types of requirements, groupings of requirements, and requirement dependencies. Many frameworks for dealing with information security highlight the importance of a properly defined organization of security but fail to establish models to support the specification. This paper establishes one such model and demonstrates how the above difficulties can be overcome through extensive application of organizational modeling of information security.