面向需求和建模驱动的安全评估

2006 International Conference on Systems and Networks Communications (ICSNC'06) Pub Date : 2006-10-29 DOI:10.1109/ICSNC.2006.72

R. Savola

{"title":"面向需求和建模驱动的安全评估","authors":"R. Savola","doi":"10.1109/ICSNC.2006.72","DOIUrl":null,"url":null,"abstract":"Development of the information security requirements of practical telecommunications and software-intensive systems is typically at an inadequate level and relies heavily on the experience of the security professionals. Security requirements are in the focus in all phases of security engineering. Obviously, automated approaches are needed in this field. We here introduce a framework for security evaluation based on security requirement definition, behavior modeling and evidence collection.","PeriodicalId":217322,"journal":{"name":"2006 International Conference on Systems and Networks Communications (ICSNC'06)","volume":"289 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-10-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Towards Requirement and Modeling Driven Security Evaluation\",\"authors\":\"R. Savola\",\"doi\":\"10.1109/ICSNC.2006.72\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Development of the information security requirements of practical telecommunications and software-intensive systems is typically at an inadequate level and relies heavily on the experience of the security professionals. Security requirements are in the focus in all phases of security engineering. Obviously, automated approaches are needed in this field. We here introduce a framework for security evaluation based on security requirement definition, behavior modeling and evidence collection.\",\"PeriodicalId\":217322,\"journal\":{\"name\":\"2006 International Conference on Systems and Networks Communications (ICSNC'06)\",\"volume\":\"289 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-10-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2006 International Conference on Systems and Networks Communications (ICSNC'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICSNC.2006.72\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 International Conference on Systems and Networks Communications (ICSNC'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSNC.2006.72","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

实际电信和软件密集型系统的信息安全要求的发展通常处于不足的水平，并且严重依赖于安全专业人员的经验。安全需求是安全工程各个阶段关注的焦点。显然，这个领域需要自动化的方法。本文介绍了一个基于安全需求定义、行为建模和证据收集的安全评估框架。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Towards Requirement and Modeling Driven Security Evaluation

Development of the information security requirements of practical telecommunications and software-intensive systems is typically at an inadequate level and relies heavily on the experience of the security professionals. Security requirements are in the focus in all phases of security engineering. Obviously, automated approaches are needed in this field. We here introduce a framework for security evaluation based on security requirement definition, behavior modeling and evidence collection.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2006 International Conference on Systems and Networks Communications (ICSNC'06)

自引率

0.00%

发文量