管理遗留安全工程流程的变更

Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics Pub Date : 2011-07-10 DOI:10.1109/ISI.2011.5984064

Edith Felix, Olivier Delande, F. Massacci, F. Paci

{"title":"管理遗留安全工程流程的变更","authors":"Edith Felix, Olivier Delande, F. Massacci, F. Paci","doi":"10.1109/ISI.2011.5984064","DOIUrl":null,"url":null,"abstract":"Managing changes in Security Engineering is a difficult task: the analyst must keep the consistency between security knowledge such as assets, attacks and treatments to stakeholders' goals and security requirements. Research-wise the usual solution is an integrated methodology in which risk, security requirements and architectural solutions are addressed within the same tooling environment and changes can be easily propagated.","PeriodicalId":220165,"journal":{"name":"Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Managing changes with legacy security engineering processes\",\"authors\":\"Edith Felix, Olivier Delande, F. Massacci, F. Paci\",\"doi\":\"10.1109/ISI.2011.5984064\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Managing changes in Security Engineering is a difficult task: the analyst must keep the consistency between security knowledge such as assets, attacks and treatments to stakeholders' goals and security requirements. Research-wise the usual solution is an integrated methodology in which risk, security requirements and architectural solutions are addressed within the same tooling environment and changes can be easily propagated.\",\"PeriodicalId\":220165,\"journal\":{\"name\":\"Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics\",\"volume\":\"6 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-07-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISI.2011.5984064\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISI.2011.5984064","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

管理安全工程中的变更是一项困难的任务:分析人员必须保持安全知识(如资产、攻击和处理)与涉众目标和安全需求之间的一致性。研究方面，通常的解决方案是一种集成的方法，在这种方法中，风险、安全需求和体系结构解决方案在相同的工具环境中得到处理，并且变更可以很容易地传播。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Managing changes with legacy security engineering processes

Managing changes in Security Engineering is a difficult task: the analyst must keep the consistency between security knowledge such as assets, attacks and treatments to stakeholders' goals and security requirements. Research-wise the usual solution is an integrated methodology in which risk, security requirements and architectural solutions are addressed within the same tooling environment and changes can be easily propagated.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics

自引率

0.00%

发文量