Journal of Systems and Software
The practical application of a process for eliciting and designing security in web service systems
Information and Software Technology
Appraisal and reporting of security assurance at operational systems level
Journal of Systems and Software
Hi-index | 0.00 |
Despite a growing awareness of security issues in networkedcomputing systems, most development processesused today still do not take security aspects into account.To address this problem, we designed a process for developingsecure networked systems based on the extension of theUnified Modeling Language (UML) for secure systems developmentUMLsec and on the concept of model-based riskassessment (MBRA). Enterprise information such as securitypolicies, business goals, policies and processes are supportedthrough activities in the model-based integrated developmentprocess. These are then refined to security requirementsat a more technical level, which can be expressedusing UMLsec, and which can be analysed mechanicallyusing the tool-support for UMLsec.