LEADER 05242nam 22008415 450
001 9910299230603321
005 20250609110850.0
010 $a3-319-16664-6
024 7 $a10.1007/978-3-319-16664-3
035 $a(CKB)3710000000399942
035 $a(EBL)2094645
035 $a(SSID)ssj0001501016
035 $a(PQKBManifestationID)11852308
035 $a(PQKBTitleCode)TC0001501016
035 $a(PQKBWorkID)11524105
035 $a(PQKB)11184553
035 $a(DE-He213)978-3-319-16664-3
035 $a(MiAaPQ)EBC2094645
035 $a(PPN)185485928
035 $a(MiAaPQ)EBC3109817
035 $a(MiAaPQ)EBC6220429
035 $a(EXLCZ)993710000000399942
100 $a20150415d2015 u| 0
101 0 $aeng
135 $aur|n|---|||||
181 $ctxt
182 $cc
183 $acr
200 10$aPattern and Security Requirements $eEngineering-Based Establishment of Security Standards /$fby Kristian Beckers
205 $a1st ed. 2015.
210 1$aCham :$cSpringer International Publishing :$cImprint: Springer,$d2015.
215 $a1 online resource (489 p.)
300 $aDescription based upon print version of record.
311 08$a3-319-16663-8
327 $aForeword -- Preface -- Introduction -- Background -- The PEERESS Framework -- The CAST Method for Comparing Security Standards -- Relating ISO 27001 to the Conceptual Framework for Security Requirements Engineering Methods -- Supporting ISO 27001 compliant ISMS Establishment with Si* -- Supporting ISO 27001 Establishment with CORAS -- Supporting Common Criteria Security Analysis with Problem Frames -- Supporting ISO 26262 Hazard Analysis with Problem Frames -- A Catalog of Context-Patterns -- Initiating a Pattern Language for Context-Patterns -- Supporting the Establishment of a cloud-specific ISMS according to ISO 27001 using the Cloud System Analysis Pattern -- Validation and Extension of our Context-Pattern Approach -- Conclusion.
330 $aSecurity threats are a significant problem for information technology companies today. This book focuses on how to mitigate these threats by using security standards and provides ways to address associated problems faced by engineers caused by ambiguities in the standards.
The security standards are analysed, fundamental concepts of the security standards presented, and the relations to the elementary concepts of security requirements engineering (SRE) methods explored. Using this knowledge, engineers can build customised methods that support the establishment of security standards. Standards such as Common Criteria or ISO 27001 are explored and several extensions are provided to well-known SRE methods such as Si*, CORAS, and UML4PF to support the establishment of these security standards. Through careful analysis of the activities demanded by the standards, for example the activities to establish an Information Security Management System (ISMS) in compliance with the ISO 27001 standard, methods are proposed which incorporate existing security requirement approaches and patterns. Understanding Pattern and Security Requirements engineering methods is important for software engineers, security analysts, and other professionals that are tasked with establishing a security standard, as well as researchers who aim to investigate the problems with establishing security standards. The examples and explanations in this book are designed to be understandable by all these readers. 
606 $aComputer security
606 $aManagement information systems
606 $aComputer science
606 $aQuality control
606 $aReliability
606 $aIndustrial safety
606 $aArtificial intelligence
606 $aComputers
606 $aSystems and Data Security$3https://scigraph.springernature.com/ontologies/product-market-codes/I28060
606 $aManagement of Computing and Information Systems$3https://scigraph.springernature.com/ontologies/product-market-codes/I24067
606 $aQuality Control, Reliability, Safety and Risk$3https://scigraph.springernature.com/ontologies/product-market-codes/T22032
606 $aArtificial Intelligence$3https://scigraph.springernature.com/ontologies/product-market-codes/I21000
606 $aModels and Principles$3https://scigraph.springernature.com/ontologies/product-market-codes/I18016
615 0$aComputer security.
615 0$aManagement information systems.
615 0$aComputer science.
615 0$aQuality control.
615 0$aReliability.
615 0$aIndustrial safety.
615 0$aArtificial intelligence.
615 0$aComputers.
615 14$aSystems and Data Security.
615 24$aManagement of Computing and Information Systems.
615 24$aQuality Control, Reliability, Safety and Risk.
615 24$aArtificial Intelligence.
615 24$aModels and Principles.
676 $a004
676 $a005.74
676 $a005.743
676 $a005.8
676 $a006
676 $a658.56
700 $aBeckers$b Kristian$4aut$4http://id.loc.gov/vocabulary/relators/aut$01060016
906 $aBOOK
912 $a9910299230603321
996 $aPattern and Security Requirements$92510153
997 $aUNINA