Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems

  • Haralambos Mouratidis
  • Paolo Giorgini
  • Gordon Manson
Conference paper

DOI: 10.1007/3-540-45017-3_7

Part of the Lecture Notes in Computer Science book series (LNCS, volume 2681)
Cite this paper as:
Mouratidis H., Giorgini P., Manson G. (2003) Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems. In: Eder J., Missikoff M. (eds) Advanced Information Systems Engineering. CAiSE 2003. Lecture Notes in Computer Science, vol 2681. Springer, Berlin, Heidelberg

Abstract

Security is a crucial issue for information systems. Traditionally, security is considered after the definition of the system. However, this approach often leads to problems, which translate into security vulnerabilities. From the viewpoint of the traditional security paradigm, it should be possible to eliminate such problems through better integration of security and systems engineering. This paper argues for the need to develop a methodology that considers security as an integral part of the whole system development process. The paper contributes to the current state of the art by proposing an approach that considers security concerns as an integral part of the entire system development process and by relating this approach with existing work. The different stages of the approach are described with the aid of a case study; a health and social care information system.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Haralambos Mouratidis
    • 1
  • Paolo Giorgini
    • 2
  • Gordon Manson
    • 1
  1. 1.Department of Computer ScienceUniversity of SheffieldEngland
  2. 2.Department of Information and Communication TechnologyUniversity of TrentoItaly

Personalised recommendations