𝔖 Scriptorium
✦   LIBER   ✦
πŸ“

Pattern and Security Requirements: Engineering-Based Establishment of Security Standards

✍ Scribed by Kristian Beckers (auth.)

Publisher
Springer International Publishing
Year
2015
Tongue
English
Leaves
489
Edition
1
Category
Library
⬇  Acquire This Volume

No coin nor oath required. For personal study only.

✦ Synopsis

Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are analysed, fundamental concepts of the security standards presented, and the relations to the elementary concepts of security requirements engineering (SRE) methods explored. Using this knowledge, engineers can build customised methods that support the establishment of security standards.

Standards such as Common Criteria or ISO 27001 are explored and several extensions are provided to well-known SRE methods such as Si*, CORAS, and UML4PF to support the establishment of these security standards. Through careful analysis of the activities demanded by the standards, for example the activities to establish an Information Security Management System (ISMS) in compliance with the ISO 27001 standard, methods are proposed which incorporate existing security requirement approaches and patterns.

Understanding Pattern and Security Requirements engineering methodsis important for software engineers, security analysts and other professionals that are tasked with establishing a security standard, as well as researchers who aim to investigate the problems with establishing security standards. The examples and explanations in this book are designed to be understandable by all these readers.

✦ Table of Contents

Front Matter....Pages i-xxv
Introduction....Pages 1-10
Background....Pages 11-35
The PEERESS Framework....Pages 37-49
The CAST Method for Comparing Security Standards....Pages 51-83
Relating ISO 27001 to the Conceptual Framework for Security Requirements Engineering Methods....Pages 85-108
Supporting ISO 27001 Compliant ISMS Establishment with Si*....Pages 109-137
Supporting ISO 27001 Establishment with CORAS....Pages 139-194
Supporting Common Criteria Security Analysis with Problem Frames....Pages 195-228
Supporting ISO 26262 Hazard Analysis with Problem Frames....Pages 229-246
A Catalog of Context-Patterns....Pages 247-280
Initiating a Pattern Language for Context-Patterns....Pages 281-298
Supporting the Establishment of a Cloud-Specific ISMS According to ISO 27001 Using the Cloud System Analysis Pattern....Pages 299-392
Validation and Extension of Our Context-Pattern Approach....Pages 393-413
Conclusion....Pages 415-425
Back Matter....Pages 427-474

✦ Subjects

Systems and Data Security; Management of Computing and Information Systems; Quality Control, Reliability, Safety and Risk; Computing Methodologies; Models and Principles

πŸ“œ SIMILAR VOLUMES

Pattern and Security Requirements: Engin
πŸ“ Pattern and Security Requirements: Engineering-Based Establishment of Security Standards
✍ Kristian Beckers πŸ“‚ Library πŸ“… 2015 πŸ› Springer 🌐 English

Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are

Security Patterns Integrating Security a
πŸ“ Security Patterns Integrating Security and Systems Engineering
✍ Markus Schumacher, Eduardo Fernandez-Buglioni, Duane Hybertson, Frank Buschmann, πŸ“‚ Library πŸ“… 2006 πŸ› Wiley 🌐 English

Most security books are targeted at security engineers and specialists. Few show how build security into software. None breakdown the different concerns facing security at different levels of the system: the enterprise, architectural and operational layers. Security Patterns addresses the full spect

Security Patterns: Integrating Security
πŸ“ Security Patterns: Integrating Security and Systems Engineering
✍ Markus Schumacher, Eduardo Fernandez-Buglioni, Duane Hybertson, Frank Buschmann, πŸ“‚ Library πŸ“… 2006 πŸ› Wiley 🌐 English

Most security books are targeted at security engineers and specialists. Few show how build security into software. None breakdown the different concerns facing security at different levels of the system: the enterprise, architectural and operational layers.Β <i>Security Patterns</i>Β addresses the ful

Security Patterns: Integrating Security
πŸ“ Security Patterns: Integrating Security and Systems Engineering
✍ Markus Schumacher, Eduardo Fernandez-Buglioni, Duane Hybertson, Frank Buschmann, πŸ“‚ Library πŸ“… 2006 πŸ› Wiley 🌐 English

Most security books are targeted at security engineers and specialists. Few show how build security into software. None breakdown the different concerns facing security at different levels of the system: the enterprise, architectural and operational layers.Β <i>Security Patterns</i>Β addresses the ful

Security patterns : integrating security
πŸ“ Security patterns : integrating security and systems engineering
✍ Markus Schumacher; et al πŸ“‚ Library πŸ“… 2006 πŸ› John Wiley & Sons 🌐 English

"In a time where systems are constantly at risk, it is essential that you arm yourself with the knowledge of different security measures. This title breaks down security at various levels of the system: the enterprise, architectural and operational layers. It acts as an extension to the larger enter