Kristian Beckers Beckers Pattern and Security Requirements

Pattern and Security Requirements

von Kristian Beckers

Engineering-Based Establishment of Security Standards

Preis unbekannt

Buch in deiner Nähe kaufen


...oder deine aktuelle Postleitzahl eingeben:
oder

Beschreibung

Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are analysed, fundamental concepts of the security standards presented, and the relations to the elementary concepts of security requirements engineering (SRE) methods explored. Using this knowledge, engineers can build customised methods that support the establishment of security standards. Standards such as Common Criteria or ISO 27001 are explored and several extensions are provided to well-known SRE methods such as Si*, CORAS, and UML4PF to support the establishment of these security standards. Through careful analysis of the activities demanded by the standards, for example the activities to establish an Information Security Management System (ISMS) in compliance with the ISO 27001 standard, methods are proposed which incorporate existing security requirement approaches and patterns.Understanding Pattern and Security Requirements engineering methods is important for software engineers, security analysts, and other professionals that are tasked with establishing a security standard, as well as researchers who aim to investigate the problems with establishing security standards. The examples and explanations in this book are designed to be understandable by all these readers.

Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are analysed, fundamental concepts of the security standards presented, and the relations to the elementary concepts of security requirements engineering (SRE) methods explored. Using this knowledge, engineers can build customised methods that support the establishment of security standards.

Standards such as Common Criteria or ISO 27001 are explored and several extensions are provided to well-known SRE methods such as Si*, CORAS, and UML4PF to support the establishment of these security standards. Through careful analysis of the activities demanded by the standards, for example the activities to establish an Information Security Management System (ISMS) in compliance with the ISO 27001 standard, methods are proposed which incorporate existing security requirement approaches and patterns.

Understanding Pattern and Security Requirements engineering methods is important for software engineers, security analysts and other professionals that are tasked with establishing a security standard, as well as researchers who aim to investigate the problems with establishing security standards. The examples and explanations in this book are designed to be understandable by all these readers.


Presents new research methodologies in exploring the relations between Security Standards and SRE methods Addresses the associated ambiguities within security standards Analyses several standards and extensions, giving readers a broader understanding of the field Provides practical examples for software engineers and security analysts Includes supplementary material: sn.pub/extras

Autor*in

Kristian Beckers

Themen in »Pattern and Security Requirements«

Information Security Standards Method Engineering Model-Based Security Analysis Pattern-Based Security Engineering Security Requirements Engineering quality control, reliability, safety and risk

Stimmen zu »Pattern and Security Requirements«

“The book presents the results of comprehensive research aimed at creating a method for threat analysis and the mitigation of risks through the comparative study of existing standards. … The book is interesting for practitioners who have to create enterprise-wide security policies and standards. It is worth reading for researchers who deal with the formal and semi-formal modeling of the security domain.” (Bálint Molnár, Computing Reviews, September, 2015)


()

Details

ISBN: 9783319365879
Verlag: Springer International Publishing
Erscheinung: 06.10.2016

Link teilen


Über buchnah.de | Die Buchhandlungen | Die Verlage | Impressum & Kontakt | Datenschutz | Presse


Auf dieser Seite kannst Du Buchhandlungen in der Nähe finden