Cargando…

Pattern and Security Requirements Engineering-Based Establishment of Security Standards /

Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Beckers, Kristian (Autor)
Autor Corporativo: SpringerLink (Online service)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Cham : Springer International Publishing : Imprint: Springer, 2015.
Edición:1st ed. 2015.
Temas:
Acceso en línea:Texto Completo

MARC

LEADER 00000nam a22000005i 4500
001 978-3-319-16664-3
003 DE-He213
005 20220114232303.0
007 cr nn 008mamaa
008 150415s2015 sz | s |||| 0|eng d
020 |a 9783319166643  |9 978-3-319-16664-3 
024 7 |a 10.1007/978-3-319-16664-3  |2 doi 
050 4 |a QA76.9.A25 
072 7 |a UR  |2 bicssc 
072 7 |a UTN  |2 bicssc 
072 7 |a COM053000  |2 bisacsh 
072 7 |a UR  |2 thema 
072 7 |a UTN  |2 thema 
082 0 4 |a 005.8  |2 23 
100 1 |a Beckers, Kristian.  |e author.  |4 aut  |4 http://id.loc.gov/vocabulary/relators/aut 
245 1 0 |a Pattern and Security Requirements  |h [electronic resource] :  |b Engineering-Based Establishment of Security Standards /  |c by Kristian Beckers. 
250 |a 1st ed. 2015. 
264 1 |a Cham :  |b Springer International Publishing :  |b Imprint: Springer,  |c 2015. 
300 |a XXV, 474 p. 186 illus.  |b online resource. 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
347 |a text file  |b PDF  |2 rda 
505 0 |a Foreword -- Preface -- Introduction -- Background -- The PEERESS Framework -- The CAST Method for Comparing Security Standards -- Relating ISO 27001 to the Conceptual Framework for Security Requirements Engineering Methods -- Supporting ISO 27001 compliant ISMS Establishment with Si* -- Supporting ISO 27001 Establishment with CORAS -- Supporting Common Criteria Security Analysis with Problem Frames -- Supporting ISO 26262 Hazard Analysis with Problem Frames -- A Catalog of Context-Patterns -- Initiating a Pattern Language for Context-Patterns -- Supporting the Establishment of a cloud-specific ISMS according to ISO 27001 using the Cloud System Analysis Pattern -- Validation and Extension of our Context-Pattern Approach -- Conclusion. 
520 |a Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are analysed, fundamental concepts of the security standards presented, and the relations to the elementary concepts of security requirements engineering (SRE) methods explored. Using this knowledge, engineers can build customised methods that support the establishment of security standards. Standards such as Common Criteria or ISO 27001 are explored and several extensions are provided to well-known SRE methods such as Si*, CORAS, and UML4PF to support the establishment of these security standards. Through careful analysis of the activities demanded by the standards, for example the activities to establish an Information Security Management System (ISMS) in compliance with the ISO 27001 standard, methods are proposed which incorporate existing security requirement approaches and patterns. Understanding Pattern and Security Requirements engineering methods is important for software engineers, security analysts, and other professionals that are tasked with establishing a security standard, as well as researchers who aim to investigate the problems with establishing security standards. The examples and explanations in this book are designed to be understandable by all these readers. 
650 0 |a Data protection. 
650 0 |a Electronic data processing-Management. 
650 0 |a Security systems. 
650 0 |a Artificial intelligence. 
650 0 |a Computer science. 
650 1 4 |a Data and Information Security. 
650 2 4 |a IT Operations. 
650 2 4 |a Security Science and Technology. 
650 2 4 |a Artificial Intelligence. 
650 2 4 |a Models of Computation. 
710 2 |a SpringerLink (Online service) 
773 0 |t Springer Nature eBook 
776 0 8 |i Printed edition:  |z 9783319166650 
776 0 8 |i Printed edition:  |z 9783319166636 
776 0 8 |i Printed edition:  |z 9783319365879 
856 4 0 |u https://doi.uam.elogim.com/10.1007/978-3-319-16664-3  |z Texto Completo 
912 |a ZDB-2-SCS 
912 |a ZDB-2-SXCS 
950 |a Computer Science (SpringerNature-11645) 
950 |a Computer Science (R0) (SpringerNature-43710)