Kirikova, Marite and Matulevicius, Raimundas and Sandkuhl, Kurt (2016) Application of the Enterprise Model Frame for Security Requirements and Control Identification. In: {DB&}IS (Selected Papers).
Full text not available from this repository.Abstract
It is generally accepted that security requirements have to be elicited as early as possible to avoid later rework in the systems development process. One of the reasons for difficulties of early detection of security requirements is the complexity of security requirements identification. In this paper we propose an extension of the method for security requirements elicitation from business processes (SREBP). The extension includes the application of the enterprise model frame to capture enterprise views and relationships of the analysed system assets. Although the proposal was used in some practical settings, the main goal of this work is conceptual discussion of the proposal. Our study shows that (i) the enterprise model frame covers practically all concepts of the information security related definitions, and that (ii) the use of the frame with the SREBP method complies with the common enterprise modeling and enterprise architecture approaches.
| Item Type: | Conference or Workshop Item (UNSPECIFIED) |
|---|---|
| Subjects: | A General Works |
| Date Deposited: | 26 Sep 2017 08:45 |
| Last Modified: | 15 Nov 2017 09:09 |
| URI: | http://eprints.win.informatik.uni-rostock.de/id/eprint/46 |
Actions (login required)
 |
View Item |
