Security Group Seminar, 18th October 1994
- Speaker:
- Richard Baskerville, Binghamton University
- Date:
- Tuesday 18th October at 4.15pm
- Place:
- Room TP4, Computer Laboratory
- Title:
- IMPLICATIONS OF AN ANALYTICAL SURVEY OF INFORMATION
SYSTEMS SECURITY DESIGN METHODS
A recent survey of three generations of general information system
design methods provides a framework for understanding current security
design practice. The methods used may depend on checklists of controls,
divide functional requirements into engineering partitions, or create
abstract models of both the problem and the solution. An analysis of
this survey reveals that security methods lag behind general systems
development methods, and that many general methods fail to consider
security specifications rigorously. These findings suggest that more
general software engineering techniques cannot succeed without explicit
security considerations.
Security Group Seminar, 18th October 1994 / Mark.Lomas@cl.cam.ac.uk