Gesellschaft für Informatik e.V.

Lecture Notes in Informatics


Modellierung 2014 P-225, 337-352 (2014).

Gesellschaft für Informatik, Bonn
2014


Copyright © Gesellschaft für Informatik, Bonn

Seceval: an evaluation framework for engineering secure systems

Marianne Busch, Nora Koch and Martin Wirsing

Abstract


Engineering secure software systems is not an easy task. Many methods, notations and tools - we call them knowledge objects - exist to support engineers in the development of such software. A main problem is the selection of appropriate knowledge objects. Therefore, we build the conceptual framework SECEVAL to support the evaluation and comparison of security features, vulnerabilities, methods, notations and tools. It provides an evaluation process and a model, which comprises concepts related to security context, data collection and data analysis. Our approach is validated by a case study in the area of security testing of web applications.


ISBN 978-388579-619-0


Last changed 14.04.2014 18:06:17