分布式消息传递系统中基本可度量安全组件的识别

2009 Third International Conference on Emerging Security Information, Systems and Technologies Pub Date : 2009-06-18 DOI:10.1109/SECURWARE.2009.26

R. Savola, H. Abie

{"title":"分布式消息传递系统中基本可度量安全组件的识别","authors":"R. Savola, H. Abie","doi":"10.1109/SECURWARE.2009.26","DOIUrl":null,"url":null,"abstract":"The lack of appropriate information security solutions in software-intensive systems can have serious consequences for businesses and the stakeholders. Carefully designed security metrics can be used to offer evidence of the security behavior of the system under development or operation. This study investigates holistic development of security metrics for a distributed messaging system based on threat analysis, security requirements, decomposition and use case information. Our approach is thus requirement-centric. The high-level security requirements are expressed in terms of lower-level measurable components applying a decomposition approach.","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"33 1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"32","resultStr":"{\"title\":\"Identification of Basic Measurable Security Components for a Distributed Messaging System\",\"authors\":\"R. Savola, H. Abie\",\"doi\":\"10.1109/SECURWARE.2009.26\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The lack of appropriate information security solutions in software-intensive systems can have serious consequences for businesses and the stakeholders. Carefully designed security metrics can be used to offer evidence of the security behavior of the system under development or operation. This study investigates holistic development of security metrics for a distributed messaging system based on threat analysis, security requirements, decomposition and use case information. Our approach is thus requirement-centric. The high-level security requirements are expressed in terms of lower-level measurable components applying a decomposition approach.\",\"PeriodicalId\":382947,\"journal\":{\"name\":\"2009 Third International Conference on Emerging Security Information, Systems and Technologies\",\"volume\":\"33 1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-06-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"32\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 Third International Conference on Emerging Security Information, Systems and Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SECURWARE.2009.26\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECURWARE.2009.26","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 32

摘要

在软件密集型系统中缺乏适当的信息安全解决方案可能会对业务和涉众造成严重后果。精心设计的安全度量可以用来提供正在开发或运行的系统的安全行为的证据。本研究调查了基于威胁分析、安全需求、分解和用例信息的分布式消息传递系统的安全度量的整体开发。因此，我们的方法是以需求为中心的。高级安全需求用应用分解方法的低级可度量组件来表示。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Identification of Basic Measurable Security Components for a Distributed Messaging System

The lack of appropriate information security solutions in software-intensive systems can have serious consequences for businesses and the stakeholders. Carefully designed security metrics can be used to offer evidence of the security behavior of the system under development or operation. This study investigates holistic development of security metrics for a distributed messaging system based on threat analysis, security requirements, decomposition and use case information. Our approach is thus requirement-centric. The high-level security requirements are expressed in terms of lower-level measurable components applying a decomposition approach.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2009 Third International Conference on Emerging Security Information, Systems and Technologies

自引率

0.00%

发文量