[Context and motivation] Security engineering is one of the important concerns during system development. It should be addressed throughout the whole system development process. There are several languages for security modelling that help deal with security risk management at the requirements stage. [Question/problem] In this paper, we focus on Mal-activity diagrams, which are used from the requirements engineering stage to the system design stage. More specifically, we investigate how this language supports information systems security risk management (ISSRM). [Principal ideas/results] The outcome of this work is an alignment table between the constructs of the Mal-activity diagram language and the concepts of the ISSRM domain model. [Contribution] This result may help developers understand how to model security risks at the system requirements and design stages. It also paves the way for interoperability between modelling languages that are analysed using the same conceptual framework, thus facilitating transformation between these modelling approaches. © 2012 Springer-Verlag.
CITATION STYLE
Chowdhury, M. J. M., Matulevičius, R., Sindre, G., & Karpati, P. (2012). Aligning mal-activity diagrams and security risk management for security requirements definitions. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7195 LNCS, pp. 132–139). https://doi.org/10.1007/978-3-642-28714-5_11