Conference paper
SecEval: An Evaluation Framework for Engineering Secure Systems
Document type
Text/Conference Paper
Date
2014
Publisher
Gesellschaft für Informatik e.V.
Abstract
Engineering secure software systems is not an easy task. Many methods, notations and tools - we call them knowledge objects - exist to support engineers in the development of such software. A main problem is the selection of appropriate knowledge objects. Therefore, we build the conceptual framework SECEVAL to support the evaluation and comparison of security features, vulnerabilities, methods, notations and tools. It provides an evaluation process and a model, which comprises concepts related to security context, data collection and data analysis. Our approach is validated by a case study in the area of security testing of web applications.