
A Systematic Approach to Define the Domain of Information System Security Risk Management

Chapter in: Intentional Perspectives on Information Systems Engineering

Abstract

Today, security concerns are at the heart of information systems, at both the technological and organizational levels. With over 200 practitioner-oriented risk management methods and several academic security modelling frameworks available, a major challenge is to select the most suitable approach. The choice is made even more difficult by the absence of a real understanding of the security risk management domain and of an ontology of its related concepts. This chapter contributes to the emergence of such an ontology. It proposes and applies a rigorous approach to build an ontology, or domain model, of information system security risk management. The proposed domain model can then be used to compare, select or otherwise improve security risk management methods.




Acknowledgments

Thanks to Germain Saval for his help in editing this chapter. And finally, we would like to express our immense gratitude to Colette Rolland for showing us the way.

Author information

Correspondence to Éric Dubois.


Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Dubois, É., Heymans, P., Mayer, N., Matulevičius, R. (2010). A Systematic Approach to Define the Domain of Information System Security Risk Management. In: Nurcan, S., Salinesi, C., Souveyet, C., Ralyté, J. (eds) Intentional Perspectives on Information Systems Engineering. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12544-7_16

  • DOI: https://doi.org/10.1007/978-3-642-12544-7_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-12543-0

  • Online ISBN: 978-3-642-12544-7

  • eBook Packages: Computer Science (R0)
