A Risk-Based Approach to Formalise Information Security Requirements for Software Development - Information Assurance and Security Education and Training
Conference Papers Year : 2013

A Risk-Based Approach to Formalise Information Security Requirements for Software Development

Lynn Futcher
Rossouw Von Solms

Abstract

A primary source of information security problems is often an excessively complex software design that cannot be easily or correctly implemented, maintained or audited. It is therefore important to establish risk-based information security requirements that can be converted into information security specifications that can be used by programmers to develop security-relevant code. This paper presents a risk-based approach to formalise information security requirements for software development. Based on a formal, structured risk management model, it focuses on how to establish information security requirements to ensure the protection of the information assets implicated. In this way it hopes to provide some educational guidelines on how risk assessment can be incorporated in the education of software developers.
Origin: Files produced by the author(s)

Dates and versions

hal-01463651, version 1 (09-02-2017)

Cite

Lynn Futcher, Rossouw Von Solms. A Risk-Based Approach to Formalise Information Security Requirements for Software Development. 8th World Conference on Information Security Education (WISE), Jul 2009, Bento Gonçalves, Brazil. pp.257-264, ⟨10.1007/978-3-642-39377-8_30⟩. ⟨hal-01463651⟩