期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

信息系统安全工程概念与方法研究

State-of-the-art of Information System Security Engineering: The concept and methodology
在线阅读 下载PDF
导出
摘要 首先介绍了信息系统安全工程的概念 ,然后从信息系统安全工程方法论、安全需求定义、风险评估、安全控制策略和安全评价及标准等 5个方面 ,综合分析了当前国内外信息系统安全工程理论与方法的研究进展 。 The concept of Information System Security Engineering (ISSE) is outlined. Then the current research findings at home and abroad are analyzed comprehensively from five aspects, namely ISSE methodology, security requirement definition, risk assessment, security policy, security appraisal and standard. Some prospective research fields are summarized.
作者 王兴芬 李一军
机构地区 哈尔滨工业大学管理学院
出处 《合肥工业大学学报(自然科学版)》 CAS CSCD 2003年第z1期844-848,共5页 Journal of Hefei University of Technology:Natural Science
关键词 信息系统安全工程 安全需求定义 安全风险评估 控制策略 Information System Security Engineering security requirement definition security risk assessment control policy
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献24

  • 1[1]Higginbotham M D, Milheizler A J,Maley J,et al. Integrating information security engineering with system engineering with system engineering tools[A]. Proceedings of Seventh IEEE International Workshops on Enabling Technologies[C].New York:Institute of Electrical & Electronics Engineers,Inc,1998.320 -326.
  • 2[2]Lee Y, Lee J, Lee Z.Integrating software lifecycle process standards with security engineering[J]. Computer &Security,2002,21(4):345-355.
  • 3[3]Kokolakis S A, Demopoulos A J,Kiountouzis E A. The use of business process modeling in information systems security analysis and design[J]. Information Management & Computer Security,2000,8(3):107-116.
  • 4[4]Bodeau D J. System-of-systems security engineering[A]. Proceedings of 10th Computer Security Applications Conference[C].New York:Institute of Electrical & Electronics Engineers,Inc,1994.228 -235.
  • 5[5]Chan M T,Kwok L F.Integrating security design into the software development process for e-commerce system[J]. Information Management & Computer Security, 2001,9(3):112-122.
  • 6[6]McDermott J, Fox C.Using abuse case models for security requirements analysis[A]. Proceedings of 15th Computer Security Applications Conference[C].New York:Institute of Electrical & Electronics Engineers,Inc,1999.55-64.
  • 7[7]Gerber M,Von Solms R, Overbeek L. Formalizing information security requirements[J]. Information Management & Computer Security,2001,9(1):32-37.
  • 8[8]Bryce C. Security engineering of lattice-based policies[A]. Proceedings of 10th Computer Security Foundations Workshop[C].New York:Institute of Electrical & Electronics Engineers,Inc,1997.195 -207.
  • 9[9]Pernul G, Tjoa A, Winiwarter W. Modelling data secrecy and integrity[J]. Data &Knowledge Engineering,1998,26:291-308.
  • 10[10]Zegzhda P D.Secure system design technology[A].Proceedings of International Workshop MMM-ACNS[C]. New York:Institute of Electrical & Electronics Engineers,Inc,2001.63-71.

二级参考文献8

共引文献44

合肥工业大学学报(自然科学版)
2003年 第z1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部