A Business Goal Driven Approach for Understanding and Specifying Information Security Requirements
نویسندگان
چکیده
We present a new approach to explicity link security requirements with the organization’s business vision. A conceptual framework is presented, where the relationships between business vision, critical impact factors and valuable assets (together with their security requirements) are clearly show. Evaluating this relationships and considering also organization’s business drivers, it is possible to define a plan for prioritizing security requirements primary required by organization’s business.
منابع مشابه
The Tri-dimensional Role of Information Security in E-business: a Managerial Perspective
The effective management of information and its associated infrastructure is critical in electronic business. Failure to exercise due diligence in information assurance and security may lead to lost revenue or business opportunities, brand and reputation erosion, adverse media publicity, scrutiny from consumer advocates and even lawsuits. Traditionally, information security was approached in te...
متن کاملManaging Security Requirements: Towards Better Alignment Between Information Systems And Business
Information Systems are increasingly becoming essential to the success of business organizations. They play a central role in the success of almost all components of the organization such as business decision-making, business strategy formulation, business goal modeling, managing organizational resources, structure, managing organizational data etc. However, protecting information systems and o...
متن کاملGenerating WS-SecurityPolicy Documents via Security Model Transformation
When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriate security model definition and transformation approach, targeting the WS-SecurityPolicy and WS-BPEL...
متن کاملIdentification of the Patient Requirements Using Lean Six Sigma and Data Mining
Lean health care is one of new managing approaches putting the patient at the core of each change. Lean construction is based on visualization for understanding and prioritizing imporvments. By using only visualization techniques, so much important information could be missed. In order to prioritize and select improvements, it’s essential to integrate new analysis tools to achieve a good unders...
متن کاملRisk-driven Non-functional Requirement Analysis and Specification
The complexity and usefulness of software systems are determined not only by their functionality, but also by nonfunctional requirements such as accuracy, security, cost, userfriendliness and performance. However, even with the growing interest in dealing with NFRs from early stages of software development, current technology is not adequate for analyzing and representationally expressing these...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- CoRR
دوره abs/cs/0603129 شماره
صفحات -
تاریخ انتشار 2006