Abstract: Security has been a growing concern for large organizations, especially financial and governmental institutions, as security breaches in the systems they depend on have repeatedly resulted in billions of dollars in losses per year, and this cost is on the rise. A primary reason for these breaches is that the systems in question are socio-technical - a mix of people, processes, technology and infrastructure. However, such systems are designed in a piecemeal rather than a holistic fashion, leaving parts of the system vulnerable. To tackle this problem, a three-realm security requirements framework was proposed to holistically analyse security requirements in different conceptual realms, including social realm (business processes, social actors), a software realm (software applications that support the social realm) and an infrastructure realm (physical and technological infrastructure). In this paper we evaluate this security requirements analysis framework. The evaluation was performed by two graduate students using a large scale case study on a medical emergency response system.

Evaluation of MUSER, a holistic security requirements analysis framework / Seid, Elias Abrar; Robin, Kazi; Li, Tong; Mylopoulos, Ioannis. - ELETTRONICO. - 10.1109/RCIS.2017.7956550(2017), pp. 1-12. (Intervento presentato al convegno 11th IEEE International Conference on Research Challenges in Information Science - RCIS 2017 tenutosi a Brighton, UK nel 2017) [10.1109/RCIS.2017.7956550].

Evaluation of MUSER, a holistic security requirements analysis framework

Seid, Elias Abrar;Li, Tong;Mylopoulos, Ioannis
2017-01-01

Abstract

Abstract: Security has been a growing concern for large organizations, especially financial and governmental institutions, as security breaches in the systems they depend on have repeatedly resulted in billions of dollars in losses per year, and this cost is on the rise. A primary reason for these breaches is that the systems in question are socio-technical - a mix of people, processes, technology and infrastructure. However, such systems are designed in a piecemeal rather than a holistic fashion, leaving parts of the system vulnerable. To tackle this problem, a three-realm security requirements framework was proposed to holistically analyse security requirements in different conceptual realms, including social realm (business processes, social actors), a software realm (software applications that support the social realm) and an infrastructure realm (physical and technological infrastructure). In this paper we evaluate this security requirements analysis framework. The evaluation was performed by two graduate students using a large scale case study on a medical emergency response system.
2017
Proceedings - International Conference on Research Challenges in Information Science
Brighton, UK
IEEE Computer Society
9781509054763
Seid, Elias Abrar; Robin, Kazi; Li, Tong; Mylopoulos, Ioannis
Evaluation of MUSER, a holistic security requirements analysis framework / Seid, Elias Abrar; Robin, Kazi; Li, Tong; Mylopoulos, Ioannis. - ELETTRONICO. - 10.1109/RCIS.2017.7956550(2017), pp. 1-12. (Intervento presentato al convegno 11th IEEE International Conference on Research Challenges in Information Science - RCIS 2017 tenutosi a Brighton, UK nel 2017) [10.1109/RCIS.2017.7956550].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/185585
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? 0
social impact