Security engineering methodology for developing secure enterprise information systems: An overview

Young Gab Kim, Sungdeok Cha

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The software engineering discipline has provided principles, methodologies, and tools for the development of information systems. Software engineering have also become a fundamental component to produce information systems and related software components which are cheaper, better and faster. Recently, many forms of security attacks against information systems have emerged that attempt to compromise the security of information systems and organizations. However, traditional software engineering is not adequate and effective for developing secure information systems. In this paper, we propose holistic, consistent, and integrated security engineering procedures for analyzing, designing, developing, testing, and maintaining secure enterprise information systems. The proposed security engineering methodology combines security risk control, enterprise security architecture, and security management as an integrated framework.

Original languageEnglish
Title of host publicationEmbedded and Multimedia Computing Technology and Service, EMC 2012
Pages393-400
Number of pages8
DOIs
Publication statusPublished - 2012
Event7th International Conference on Embedded and Multimedia Computing, EMC 2012 - Gwangju, Korea, Republic of
Duration: 2012 Sep 62012 Sep 8

Publication series

NameLecture Notes in Electrical Engineering
Volume181 LNEE
ISSN (Print)1876-1100
ISSN (Electronic)1876-1119

Other

Other7th International Conference on Embedded and Multimedia Computing, EMC 2012
CountryKorea, Republic of
CityGwangju
Period12/9/612/9/8

Keywords

  • enterprise security architecture
  • secure information system
  • security engineering
  • security management
  • security risk analysis

ASJC Scopus subject areas

  • Industrial and Manufacturing Engineering

Fingerprint Dive into the research topics of 'Security engineering methodology for developing secure enterprise information systems: An overview'. Together they form a unique fingerprint.

  • Cite this

    Kim, Y. G., & Cha, S. (2012). Security engineering methodology for developing secure enterprise information systems: An overview. In Embedded and Multimedia Computing Technology and Service, EMC 2012 (pp. 393-400). (Lecture Notes in Electrical Engineering; Vol. 181 LNEE). https://doi.org/10.1007/978-94-007-5076-0_47