Secure Information Systems Engi­neering: Experiences and Lessons Learned from Two Health Care Projects

Proceedings of the 21st International Conference on Advanced Infor­mation Systems (CAiSE 2009), Amsterdam, Netherlands, 8-12 June 2009

Advanced Informati­on Systems Engineering, Lecture Notes in Computer Science (LCNS), pp. 231-245

Posted: 27 Sep 2012

See all articles by Haralambos Mouratidis

Haralambos Mouratidis

University of East London

Ali Sunyaev

University of Cologne

Jan Jürjens

The Open University

Date Written: June 8, 2009

Abstract

In CAiSE 2006, we had presented a framework to support development of secure information systems. The framework was based on the integration of two security-aware approaches, the Secure Tropos methodology, which provides an approach for security requirements elicitation, and the UMLsec approach, which allows one to include the security requirements into design models and offers tools for security analysis. In this paper we reflect on the usage of this framework and we report our experiences of applying it to two different industrial case studies from the health care domain. However, due to lack of space we only describe in this paper one of the case studies. Our findings demonstrate that the support of the framework for the consideration of security issues from the early stages and throughout the development process can result in a substantial improvement in the security of the analysed systems.

Suggested Citation

Mouratidis, Haralambos and Sunyaev, Ali and Jürjens, Jan, Secure Information Systems Engi­neering: Experiences and Lessons Learned from Two Health Care Projects (June 8, 2009). Proceedings of the 21st International Conference on Advanced Infor­mation Systems (CAiSE 2009), Amsterdam, Netherlands, 8-12 June 2009. Available at SSRN: https://ssrn.com/abstract=2153046

Haralambos Mouratidis

University of East London ( email )

Ali Sunyaev (Contact Author)

University of Cologne ( email )

Albertus-Magnus-Platz
Cologne, 50923
Germany

HOME PAGE: http://www.isq.uni-koeln.de

Jan Jürjens

The Open University ( email )

Walton Hall
Milton Keynes, MK6 7AA
United Kingdom

Register to save articles to
your library

Register

Paper statistics

Abstract Views
155
PlumX Metrics