Over the last few years, considerable effort has been devoted to integrating security issues into information systems development practices. This has led to a number of languages, methods, methodologies and techniques for considering security issues during the development stages of an information system. However, these approaches mainly focus on security requirements elicitation, analysis and design issues, and neglect testing. This paper presents the Security Attack Testing (SAT) approach, a novel scenario-based approach that tests the security of an information system at design time. The approach is illustrated with the aid of a real-life case study involving the development of a health and social care information system.