Information security evaluation of software-intensive systems typically relies heavily on the experience of the security professionals. Obviously, automated approaches are needed ...
In this paper, we outline a conceptual framework for linking cyber security provisions to business processes. The framework is presented for use in analyzing the cost and performa...
Information security is based on access control models and cryptographic techniques. These are well established areas of research in computer security, but are not capable of supp...
It is difficult to apply existing software development methods to security concerns. Using software for security testing purposes, in particular, is hard to do. The fact that ther...
We present a framework in which different notions of security can be defined in a uniform and modular way. Each definition of security is formalized as a security predicate by ass...