Assurance Cases as a Didactic Tool for Information Security
Abstract
Secure systems are fiercely difficult to obtain - technical, procedural, human, and managerial aspects must be contemplated in a deep, yet holistic approach, which is a complex task even for experienced information security practitioners. Emerging information security “Assurance Cases” methodologies, such as the military NATO AEP-67, promise (time) effective practices for obtaining secure systems, making it a more reproducible process. In this paper we are the first to report the effectiveness of the Assurance Case methodology as a framework for teaching information security to both individuals and teams.
Domains
Computer Science [cs]Origin | Files produced by the author(s) |
---|
Loading...