Security tactics describe security design decisions in a very general, abstract, and implementation-independent way and provide basic security design guidance. Tactics directly address system quality attributes and can be seen as building blocks for design patterns. In order to establish a more detailed security tactic collection, we link them with the Common Criteria security certification standard by establishing a connection between the security tactic goals and the Common Criteria Security Functional Requirements through Goal Structuring Notation. In this paper we give a brief introduction to the Common Criteria standard and to Goal Structuring Notation, we present the full structured and refined catalog of security tactics, and we disc...
In this work we introduce the principle of comprehensible security, which demands that the security ...
Well-defined and unambiguous security requirements are essential for developing secure software syst...
Abstract. Various security requirements sources need to be incorporated when developing security req...
method for designing secure solutions The task of developing information technology (IT) solutions t...
International audienceSecurity patterns capture proven security knowledge to help analysts tackle se...
Defining Security Requirements With the Common Criteria: Applications, Adoptions, and Challenge
Abstract. Security patterns have been proposed to help analysts with lit-tle security knowledge to t...
UnrestrictedResearch experience shows that security needs to be considered from the beginning of sof...
An important aspect of security requirements is the understanding and listing of the possible threat...
As IT-systems become more complex they become more susceptible to suffering of security threats and ...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
Part 2: Asian Conference on Availability, Reliability and Security (AsiaARES)International audienceI...
We present a systematization of usable security principles, guidelines and patterns to facilitate th...
Security is often neglected during requirements elicitation, which leads to tacked-on designs, vulne...
In this work we introduce the principle of comprehensible security, which demands that the security ...
Well-defined and unambiguous security requirements are essential for developing secure software syst...
Abstract. Various security requirements sources need to be incorporated when developing security req...
method for designing secure solutions The task of developing information technology (IT) solutions t...
International audienceSecurity patterns capture proven security knowledge to help analysts tackle se...
Defining Security Requirements With the Common Criteria: Applications, Adoptions, and Challenge
Abstract. Security patterns have been proposed to help analysts with lit-tle security knowledge to t...
UnrestrictedResearch experience shows that security needs to be considered from the beginning of sof...
An important aspect of security requirements is the understanding and listing of the possible threat...
As IT-systems become more complex they become more susceptible to suffering of security threats and ...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
Part 2: Asian Conference on Availability, Reliability and Security (AsiaARES)International audienceI...
We present a systematization of usable security principles, guidelines and patterns to facilitate th...
Security is often neglected during requirements elicitation, which leads to tacked-on designs, vulne...
In this work we introduce the principle of comprehensible security, which demands that the security ...
Well-defined and unambiguous security requirements are essential for developing secure software syst...
Abstract. Various security requirements sources need to be incorporated when developing security req...