OATAO - Open Archive Toulouse Archive Ouverte Open Access Week

Towards a Methodological Tool Support for Modeling Security-Oriented Processes

Geisel, Jacob and Hamid, Brahim and Gonzalez, David and Bruel, Jean-Michel Towards a Methodological Tool Support for Modeling Security-Oriented Processes. (2016) In: 6th International Conference On Model and Data Engineering (MEDI 2016), 21 September 2016 - 23 September 2016 (Almeria, Spain).

[img]
Preview
(Document in English)

PDF (Author's version) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
217kB

Official URL: http://dx.doi.org/10.1007/978-3-319-45547-1_3

Abstract

Development processes for software construction are common knowledge and widely used in most development organizations. Unfortunately, these processes often offer only little or no support in order to meet security requirements. In our work, we propose a methodology to build domain specific process models with security concepts on the foundations of industry-relevant security approaches, backed by a security-oriented process model specification language. Instead of building domain specific security-oriented process models from the ground, the methodology allows process designers to fall back on existing well established security approaches and add domain relevant concepts and repository-centric approaches, as well as supplementary information security risk management standards (e.g., Common Criteria), to fulfill the demand for secure software engineering. Supplementary and/or domain specific concepts can be added trough our process modeling language in an easy and direct way. The methodology and the process modeling language we propose have been successfully evaluated by the TERESA project for specifying development processes for trusted applications and integrating security concepts into existing process models used in the railway domain.

Item Type:Conference or Workshop Item (Paper)
Additional Information:Thanks to Springer editor. This papers appears in Volume 9893 of Lecture Notes in Computer Science ISSN : 0302-9743 ISBN: 978-3-319-45546-4 The original PDF is available at: http://link.springer.com/chapter/10.1007%2F978-3-319-45547-1_3
HAL Id:hal-01475034
Audience (conference):International conference proceedings
Uncontrolled Keywords:
Institution:French research institutions > Centre National de la Recherche Scientifique - CNRS (FRANCE)
Université de Toulouse > Institut National Polytechnique de Toulouse - INPT (FRANCE)
Université de Toulouse > Université Toulouse III - Paul Sabatier - UPS (FRANCE)
Université de Toulouse > Université Toulouse - Jean Jaurès - UT2J (FRANCE)
Université de Toulouse > Université Toulouse 1 Capitole - UT1 (FRANCE)
Other partners > IK4-IKERLAN (SPAIN)
Laboratory name:
Statistics:download
Deposited By: IRIT IRIT
Deposited On:06 Feb 2017 08:54

Repository Staff Only: item control page