Common Criteria [8]: “Common Criteria” (standardised in version 2.3 by ISO/IEC 15408) provides a common set of requirements on the security functions of IT products and systems, and on the assurance measures applied to them during a security evaluation. The first part, entitled “Introduction and general model”, is the most relevant with respect to our research scope.
NIST 800-27 Rev A [53] / NIST 800-30 [52]: Among the series of publications proposed by NIST, the 800-series is about computer security. In this series, NIST 800-27 and NIST 800-30 are in our scope. Terminology and concepts are provided by these standards, which are consistent with each other.
Risk management methods are the third family of sources. In 2004, a CLUSIF¹ study inventoried over 200 security RM methods. We select a representative subset of RM methods based on some recent studies, like the report “Inventory of risk assessment and risk management methods” [13] from ENISA. Most of these methods are supported by software tools, but we will concentrate on their methodological part.
EBIOS [9]: The EBIOS method is developed and maintained by the ANSSI in France.
MEHARI [6]: MEHARI is an RM method developed by the CLUSIF and built on top of two other RM methods, MARION [5] and MELISA [10], which are no longer maintained.
OCTAVE [1]: OCTAVE is an approach to information security risk evaluation developed by the SEI.
CRAMM [21]: CRAMM is an RM method from the UK, originally developed by CCTA in 1985 and currently maintained by Insight Consulting.
CORAS [55]: CORAS is the result of a European project that developed a tool-supported framework for risk assessment of security-critical systems.
Finally, the last family consists of security frameworks proposed in the scientific literature. Whereas the previous sources were practitioner-oriented, these are more research-oriented. They originate essentially from the RE literature.
Haley et al. [18, 19] and Moffett and Nuseibeh [44] propose a framework for dealing with security requirements.
Firesmith [15, 16] presents a set of related information models that provide the theoretical foundation underlying safety and security engineering. A process to deal effectively with both safety and security engineering is also proposed.
A final remark is about SQUARE [43], a stepwise methodology for eliciting, categorising, and prioritising security requirements for IT systems and applications. Although SQUARE is focussed on security RE and suggests using an ISSRM approach to elicit security requirements, it was not retained in this survey because the first step of SQUARE consists in defining the terminology to be used in
¹ http://www.clusif.asso.fr/en/clusif/present/.