A Systematic Approach to Define the Domain of Information System Security Risk Management - Intentional Perspectives on Information Systems Engineering

Information Technology Reference

In-Depth Information

45. Moody DL (2009) Evidence-based notation design: towards a scientific basis for constructing

visual notations in software engineering. IEEE Trans Softw Eng 35(6):756-779

46. Mouratidis H, Giorgini P (2010) Extending i ∗ and tropos to model security. In: Yu E,

Giorgini P, Maiden N, Mylopoulos J (eds) Social modeling for requirements engineering.

MIT (in press), Cambridge, Massachusetts (USA)

47. Mouratidis H, Giorgini P, Manson GA, Philp I (2002) A natural extension of tropos method-

ology for modelling security. In: Proceedings of the agent oriented methodologies workshop

(OOPSLA'02)

48. Oladimeji EA, Supakkul S, Chung L (2006) Security threat modeling and analysis: a

goal-oriented approach. In: Proceedings of the 10th international conference on software

engineering and applications (SEA'06), pp 178-185

49. Olle TW, Hagelstein J, Macdonald IG., Rolland C, Sol HG, Van Assche FJM, Verrijn-Stuart

AA (1992) Information systems methodology: a framework for understanding, 2nd edn.

Addison-Wesley Longman Publishing Co., Inc. Boston, MA, USA

50. Rolland C (1998) An information system methodology supported by an expert design tool.

Elsevier Science, University of Paris

51. Sindre G, Opdahl AL (2004) Eliciting security requirements with misuse cases. Reqs Eng J

10(1):34-44

52. Stoneburner G, Goguen A, Feringa A (2002) NIST special publication 800-30: risk man-

agement guide for information technology systems. National Institute of Standards and

Technology, Gaithersburg

53. Stoneburner G, Hayden C, Feringa A (2004) NIST special publication 800-27 rev. A: engi-

neering principles for information technology security (a baseline for achieving security).

National Institute of Standards and Technology, Gaithersburg

54. The Project Management

Institute (2001) Project management body of knowledge

www.pmi.org/

55. Vraalsen F, Mahler T, Lund MS, Hogganvik I, den Braber F, Stølen K (2007) Assessing

enterprise risk level: the CORAS approach. In: Khadraoui D, Herrmann F (eds) Advances

in enterprise information technology security. Idea Group, IGI Global, Hershey, Pennsylvania

pp 311-333

56. Wikipedia (2008) Information system definition. http://en.wikipedia.org/wiki/Information_

system

57. Yu E (1996) Modelling strategic relationships for process reengineering. PhD Thesis,

University of Toronto, Toronto, ON, Canada

Search WWH ::

Custom Search

Home