Software Engineering for Secure Systems: Industrial and Research Perspectives

The security of software systems in recent years has been transformed from a mono-dimensional technical challenge to a multi-dimensional technico-social challenge, due to the wide usage of software systems in almost every area of the human life. This situation requires a different and more holistic approach to the development of secure software systems. Software Engineering for Secure Systems: Industrial and Research Perspectives presents the most recent and innovative lines of research and industrial practice related to secure software engineering. The book provides coverage of recent advances in the area of secure software engineering that address the various stages of the development process from requirements to design to testing to implementation. Contributions offer a comprehensive understanding secure software engineering, inspire and motivate further research and development, and bridge the gap between academic research and industrial practice.

[1]  Haralambos Mouratidis,et al.  Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems , 2003, CAiSE.

[2]  Rakesh Agrawal,et al.  Extending relational database systems to automatically enforce privacy policies , 2005, 21st International Conference on Data Engineering (ICDE'05).

[3]  Vitaly Shmatikov,et al.  Obfuscated databases and group privacy , 2005, CCS '05.

[4]  Haralambos Mouratidis,et al.  An Ontology for Modelling Security: The Tropos Approach , 2003, KES.

[5]  Haralambos Mouratidis,et al.  Secure Tropos: a Security-Oriented Extension of the Tropos Methodology , 2007, Int. J. Softw. Eng. Knowl. Eng..

[6]  Sabrina Sicari,et al.  A conceptual model for privacy policies , 2007, ICSE 2007.

[7]  John Mylopoulos,et al.  Representing and Using Nonfunctional Requirements: A Process-Oriented Approach , 1992, IEEE Trans. Software Eng..

[8]  Jorge Lobo,et al.  Privacy-Aware Role-Based Access Control , 2007, IEEE Security & Privacy.

[9]  Axel van Lamsweerde,et al.  Handling Obstacles in Goal-Oriented Requirements Engineering , 2000, IEEE Trans. Software Eng..

[10]  Ralph Johnson,et al.  design patterns elements of reusable object oriented software , 2019 .

[11]  Peter Sommerlad,et al.  Security Patterns: Integrating Security and Systems Engineering , 2006 .

[12]  John Mylopoulos,et al.  Analyzing security requirements as relationships among strategic actors , 2002 .

[13]  Mourad Debbabi,et al.  Security Design Patterns: Survey and Evaluation , 2006, 2006 Canadian Conference on Electrical and Computer Engineering.

[14]  Jason Hong,et al.  Privacy patterns for online interactions , 2006, PLoP '06.

[15]  Lawrence Chung,et al.  Dealing with Security Requirements During the Development of Information Systems , 1993, CAiSE.

[16]  Stefanos Gritzalis,et al.  Addressing privacy requirements in system design: the PriS method , 2008, Requirements Engineering.

[17]  Taneli Mielikäinen,et al.  Privacy Problems with Anonymized Transaction Databases , 2004, Discovery Science.

[18]  Annie I. Antón,et al.  Goal-based requirements analysis , 1996, Proceedings of the Second International Conference on Requirements Engineering.

[19]  Ramesh Nagappan,et al.  Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management , 2005 .

[20]  Joseph W. Yoder,et al.  Architectural Patterns for Enabling Application Security , 1998 .

[21]  Markus Schumacher,et al.  Security Patterns and Security Standards , 2002, EuroPLoP.

[22]  M. Hafiz A collection of privacy design patterns , 2006, PLoP '06.

[23]  James A. Landay,et al.  Development and evaluation of emerging design patterns for ubiquitous computing , 2004, DIS '04.