Populist approaches to studying information systems security include architectural, infrastructure-related and system-level security. This study focuses on software security as implemented and monitored during the systems development and implementation stages. Moving away from past checklist methods of studying software security, this study provides a model that can be used to categorize checklists into meaningful clusters. Many constructs are identified in the model, such as the principle of least privilege, execution monitoring, social engineering, and formalism and pragmatism in security implementations. Identifying useful constructs to study can form the basis for evaluating security in software systems, as well as provide guidelines for implementing security in newly developed systems.