Security engineering methodology for developing secure enterprise information systems: An overview

Young Gab Kim, Sungdeok Cha

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The software engineering discipline has provided principles, methodologies, and tools for the development of information systems. Software engineering have also become a fundamental component to produce information systems and related software components which are cheaper, better and faster. Recently, many forms of security attacks against information systems have emerged that attempt to compromise the security of information systems and organizations. However, traditional software engineering is not adequate and effective for developing secure information systems. In this paper, we propose holistic, consistent, and integrated security engineering procedures for analyzing, designing, developing, testing, and maintaining secure enterprise information systems. The proposed security engineering methodology combines security risk control, enterprise security architecture, and security management as an integrated framework.

Original languageEnglish
Title of host publicationLecture Notes in Electrical Engineering
Pages393-400
Number of pages8
Volume181 LNEE
DOIs
Publication statusPublished - 2012 Oct 19
Event7th International Conference on Embedded and Multimedia Computing, EMC 2012 - Gwangju, Korea, Republic of
Duration: 2012 Sep 62012 Sep 8

Publication series

NameLecture Notes in Electrical Engineering
Volume181 LNEE
ISSN (Print)18761100
ISSN (Electronic)18761119

Other

Other7th International Conference on Embedded and Multimedia Computing, EMC 2012
CountryKorea, Republic of
CityGwangju
Period12/9/612/9/8

Fingerprint

Information systems
Software engineering
Industry
Security of data
Testing

Keywords

  • enterprise security architecture
  • secure information system
  • security engineering
  • security management
  • security risk analysis

ASJC Scopus subject areas

  • Industrial and Manufacturing Engineering

Cite this

Kim, Y. G., & Cha, S. (2012). Security engineering methodology for developing secure enterprise information systems: An overview. In Lecture Notes in Electrical Engineering (Vol. 181 LNEE, pp. 393-400). (Lecture Notes in Electrical Engineering; Vol. 181 LNEE). https://doi.org/10.1007/978-94-007-5076-0_47

Security engineering methodology for developing secure enterprise information systems : An overview. / Kim, Young Gab; Cha, Sungdeok.

Lecture Notes in Electrical Engineering. Vol. 181 LNEE 2012. p. 393-400 (Lecture Notes in Electrical Engineering; Vol. 181 LNEE).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Kim, YG & Cha, S 2012, Security engineering methodology for developing secure enterprise information systems: An overview. in Lecture Notes in Electrical Engineering. vol. 181 LNEE, Lecture Notes in Electrical Engineering, vol. 181 LNEE, pp. 393-400, 7th International Conference on Embedded and Multimedia Computing, EMC 2012, Gwangju, Korea, Republic of, 12/9/6. https://doi.org/10.1007/978-94-007-5076-0_47
Kim YG, Cha S. Security engineering methodology for developing secure enterprise information systems: An overview. In Lecture Notes in Electrical Engineering. Vol. 181 LNEE. 2012. p. 393-400. (Lecture Notes in Electrical Engineering). https://doi.org/10.1007/978-94-007-5076-0_47
Kim, Young Gab ; Cha, Sungdeok. / Security engineering methodology for developing secure enterprise information systems : An overview. Lecture Notes in Electrical Engineering. Vol. 181 LNEE 2012. pp. 393-400 (Lecture Notes in Electrical Engineering).
@inproceedings{23095469052e46b5a31df4d7ae938988,
title = "Security engineering methodology for developing secure enterprise information systems: An overview",
abstract = "The software engineering discipline has provided principles, methodologies, and tools for the development of information systems. Software engineering have also become a fundamental component to produce information systems and related software components which are cheaper, better and faster. Recently, many forms of security attacks against information systems have emerged that attempt to compromise the security of information systems and organizations. However, traditional software engineering is not adequate and effective for developing secure information systems. In this paper, we propose holistic, consistent, and integrated security engineering procedures for analyzing, designing, developing, testing, and maintaining secure enterprise information systems. The proposed security engineering methodology combines security risk control, enterprise security architecture, and security management as an integrated framework.",
keywords = "enterprise security architecture, secure information system, security engineering, security management, security risk analysis",
author = "Kim, {Young Gab} and Sungdeok Cha",
year = "2012",
month = "10",
day = "19",
doi = "10.1007/978-94-007-5076-0_47",
language = "English",
isbn = "9789400750753",
volume = "181 LNEE",
series = "Lecture Notes in Electrical Engineering",
pages = "393--400",
booktitle = "Lecture Notes in Electrical Engineering",

}

TY - GEN

T1 - Security engineering methodology for developing secure enterprise information systems

T2 - An overview

AU - Kim, Young Gab

AU - Cha, Sungdeok

PY - 2012/10/19

Y1 - 2012/10/19

N2 - The software engineering discipline has provided principles, methodologies, and tools for the development of information systems. Software engineering have also become a fundamental component to produce information systems and related software components which are cheaper, better and faster. Recently, many forms of security attacks against information systems have emerged that attempt to compromise the security of information systems and organizations. However, traditional software engineering is not adequate and effective for developing secure information systems. In this paper, we propose holistic, consistent, and integrated security engineering procedures for analyzing, designing, developing, testing, and maintaining secure enterprise information systems. The proposed security engineering methodology combines security risk control, enterprise security architecture, and security management as an integrated framework.

AB - The software engineering discipline has provided principles, methodologies, and tools for the development of information systems. Software engineering have also become a fundamental component to produce information systems and related software components which are cheaper, better and faster. Recently, many forms of security attacks against information systems have emerged that attempt to compromise the security of information systems and organizations. However, traditional software engineering is not adequate and effective for developing secure information systems. In this paper, we propose holistic, consistent, and integrated security engineering procedures for analyzing, designing, developing, testing, and maintaining secure enterprise information systems. The proposed security engineering methodology combines security risk control, enterprise security architecture, and security management as an integrated framework.

KW - enterprise security architecture

KW - secure information system

KW - security engineering

KW - security management

KW - security risk analysis

UR - http://www.scopus.com/inward/record.url?scp=84867476521&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84867476521&partnerID=8YFLogxK

U2 - 10.1007/978-94-007-5076-0_47

DO - 10.1007/978-94-007-5076-0_47

M3 - Conference contribution

AN - SCOPUS:84867476521

SN - 9789400750753

VL - 181 LNEE

T3 - Lecture Notes in Electrical Engineering

SP - 393

EP - 400

BT - Lecture Notes in Electrical Engineering

ER -