We have proposed in the past three separate methodologies for secure software development. We have found that they have many common and complementary aspects and we proposed a com...
The literature agrees that the major threat to IS security is constituted by careless employees who do not comply with organizations’ IS security policies and procedures. To add...
In traditional information-flow type systems, the security policy is often formalized as noninterference properties. However, noninterference alone is too strong to express securi...
The UML is the de facto standard for system specification, but offers little specialized support for the specification and analysis of policies. This paper presents Deontic STAIRS,...
— In recent times, many protocols have been proposed to provide security for various information and communication systems. Such protocols must be tested for their functional cor...