東華大學圖書館 |

語系: 繁體中文

說明(常見問題)

回圖書館首頁

手機版館藏查詢

登入

回首頁

切換: 標籤 | MARC模式 | ISBD

Pattern and security requirements = ...

Beckers, Kristian.

FindBook

Google Book

Amazon

博客來

Pattern and security requirements = engineering-based establishment of security standards /

紀錄類型:	書目-電子資源 : Monograph/item
正題名/作者:	Pattern and security requirements/ by Kristian Beckers.
其他題名:	engineering-based establishment of security standards /
作者:	Beckers, Kristian.
出版者:	Cham :Springer International Publishing : : 2015.,
面頁冊數:	xxv, 474 p. :ill., digital ;24 cm.
內容註:	Foreword -- Preface -- Introduction -- Background -- The PEERESS Framework -- The CAST Method for Comparing Security Standards -- Relating ISO 27001 to the Conceptual Framework for Security Requirements Engineering Methods -- Supporting ISO 27001 compliant ISMS Establishment with Si* -- Supporting ISO 27001 Establishment with CORAS -- Supporting Common Criteria Security Analysis with Problem Frames -- Supporting ISO 26262 Hazard Analysis with Problem Frames -- A Catalog of Context-Patterns -- Initiating a Pattern Language for Context-Patterns -- Supporting the Establishment of a cloud-specific ISMS according to ISO 27001 using the Cloud System Analysis Pattern -- Validation and Extension of our Context-Pattern Approach -- Conclusion.
Contained By:	Springer eBooks
標題:	Computer security - Standards. -
電子資源:	http://dx.doi.org/10.1007/978-3-319-16664-3
ISBN:	9783319166643 (electronic bk.)

Pattern and security requirements = engineering-based establishment of security standards /
Beckers, Kristian.

Pattern and security requirementsengineering-based establishment of security standards /[electronic resource] :by Kristian Beckers. - Cham :Springer International Publishing :2015. - xxv, 474 p. :ill., digital ;24 cm.

Foreword -- Preface -- Introduction -- Background -- The PEERESS Framework -- The CAST Method for Comparing Security Standards -- Relating ISO 27001 to the Conceptual Framework for Security Requirements Engineering Methods -- Supporting ISO 27001 compliant ISMS Establishment with Si* -- Supporting ISO 27001 Establishment with CORAS -- Supporting Common Criteria Security Analysis with Problem Frames -- Supporting ISO 26262 Hazard Analysis with Problem Frames -- A Catalog of Context-Patterns -- Initiating a Pattern Language for Context-Patterns -- Supporting the Establishment of a cloud-specific ISMS according to ISO 27001 using the Cloud System Analysis Pattern -- Validation and Extension of our Context-Pattern Approach -- Conclusion.

Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are analysed, fundamental concepts of the security standards presented, and the relations to the elementary concepts of security requirements engineering (SRE) methods explored. Using this knowledge, engineers can build customised methods that support the establishment of security standards. Standards such as Common Criteria or ISO 27001 are explored and several extensions are provided to well-known SRE methods such as Si*, CORAS, and UML4PF to support the establishment of these security standards. Through careful analysis of the activities demanded by the standards, for example the activities to establish an Information Security Management System (ISMS) in compliance with the ISO 27001 standard, methods are proposed which incorporate existing security requirement approaches and patterns. Understanding Pattern and Security Requirements engineering methods is important for software engineers, security analysts, and other professionals that are tasked with establishing a security standard, as well as researchers who aim to investigate the problems with establishing security standards. The examples and explanations in this book are designed to be understandable by all these readers.

ISBN: 9783319166643 (electronic bk.)

Standard No.: 10.1007/978-3-319-16664-3doiSubjects--Topical Terms:

2145330
Computer security
--Standards.

LC Class. No.: QA76.9.A25

Dewey Class. No.: 005.8

Pattern and security requirements = engineering-based establishment of security standards /
LDR:03230nmm m2200325 m 4500 001 2001564
003 DE-He213
005 20151110145606.0
006 m d
007 cr nn 008maaau
008 151215s2015 gw s 0 eng d
020 $a 9783319166643 (electronic bk.)
020 $a 9783319166636 (paper)
024 7 $a 10.1007/978-3-319-16664-3 $2 doi
035 $a 978-3-319-16664-3
040 $a GP $c GP
041 0 $a eng
050 4 $a QA76.9.A25
072 7 $a UR $2 bicssc
072 7 $a UTN $2 bicssc
072 7 $a COM053000 $2 bisacsh
082 0 4 $a 005.8 $2 23
090 $a QA76.9.A25 $b B396 2015
100 1 $a Beckers, Kristian. $3 2145329
245 1 0 $a Pattern and security requirements $h [electronic resource] : $b engineering-based establishment of security standards / $c by Kristian Beckers.
260 $a Cham : $b Springer International Publishing : $b Imprint: Springer, $c 2015.
300 $a xxv, 474 p. : $b ill., digital ; $c 24 cm.
505 0 $a Foreword -- Preface -- Introduction -- Background -- The PEERESS Framework -- The CAST Method for Comparing Security Standards -- Relating ISO 27001 to the Conceptual Framework for Security Requirements Engineering Methods -- Supporting ISO 27001 compliant ISMS Establishment with Si* -- Supporting ISO 27001 Establishment with CORAS -- Supporting Common Criteria Security Analysis with Problem Frames -- Supporting ISO 26262 Hazard Analysis with Problem Frames -- A Catalog of Context-Patterns -- Initiating a Pattern Language for Context-Patterns -- Supporting the Establishment of a cloud-specific ISMS according to ISO 27001 using the Cloud System Analysis Pattern -- Validation and Extension of our Context-Pattern Approach -- Conclusion.
520 $a Security threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards. The security standards are analysed, fundamental concepts of the security standards presented, and the relations to the elementary concepts of security requirements engineering (SRE) methods explored. Using this knowledge, engineers can build customised methods that support the establishment of security standards. Standards such as Common Criteria or ISO 27001 are explored and several extensions are provided to well-known SRE methods such as Si*, CORAS, and UML4PF to support the establishment of these security standards. Through careful analysis of the activities demanded by the standards, for example the activities to establish an Information Security Management System (ISMS) in compliance with the ISO 27001 standard, methods are proposed which incorporate existing security requirement approaches and patterns. Understanding Pattern and Security Requirements engineering methods is important for software engineers, security analysts, and other professionals that are tasked with establishing a security standard, as well as researchers who aim to investigate the problems with establishing security standards. The examples and explanations in this book are designed to be understandable by all these readers.
650 0 $a Computer security $x Standards. $3 2145330
650 1 4 $a Computer Science. $3 626642
650 2 4 $a Systems and Data Security. $3 898223
650 2 4 $a Management of Computing and Information Systems. $3 892490
650 2 4 $a Quality Control, Reliability, Safety and Risk. $3 891027
650 2 4 $a Computing Methodologies. $3 830243
650 2 4 $a Models and Principles. $3 891221
710 2 $a SpringerLink (Online service) $3 836513
773 0 $t Springer eBooks
856 4 0 $u http://dx.doi.org/10.1007/978-3-319-16664-3
950 $a Computer Science (Springer-11645)