Title
Secure Information Systems Engineering: Experiences and Lessons Learned from Two Health Care Projects
Abstract
In CAiSE 2006, we had presented a framework to support development of secure information systems. The framework was based on the integration of two security-aware approaches, the Secure Tropos methodology, which provides an approach for security requirements elicitation, and the UMLsec approach, which allows one to include the security requirements into design models and offers tools for security analysis. In this paper we reflect on the usage of this framework and we report our experiences of applying it to two different industrial case studies from the health care domain. However, due to lack of space we only describe in this paper one of the case studies. Our findings demonstrate that the support of the framework for the consideration of security issues from the early stages and throughout the development process can result in a substantial improvement in the security of the analysed systems.
Year
2009
DOI
10.1007/978-3-642-02144-2_21
Venue
CA(i)SE
Keywords
umlsec approach, health care projects, security-aware approach, different industrial case study, security requirements elicitation, security analysis, secure tropos methodology, development process, security requirement, secure information systems engineering, security issue, case study, health care, information system
Field
UMLsec, Systems engineering, Computer science, Security engineering, Information security standards, Requirements elicitation, Information security management, Security information and event management, Information security audit, Computer security model
DocType
Conference
Volume
5565
ISSN
0302-9743
Citations
2
PageRank
0.35
References
13
Authors
3
Name | Order | Citations | PageRank
Haralambos Mouratidis | 1 | 991 | 76.97
Ali Sunyaev | 2 | 296 | 46.83
Jan Jurjens | 3 | 169 | 16.07