TY - GEN
T1 - Incorporating security issues in the information systems design
AU - Villarroel, Rodolfo
AU - Fernández-Medina, Eduardo
AU - Piattini, Mario
PY - 2004
Y1 - 2004
N2 - Nowadays, security solutions are mainly focused on providing security defences (such as firewalls, routers, configuration server, password and encryption) instead of solving one of the main reasons of security problems that refers to an appropriate software design. Fortunately, there have been developed new methodologies incorporating security into their development processes. This paper allows to make a comparison of six secure systems design methodologies and our proposal for the segure multidimensional conceptual modeling. The analysed methodologies fulfil criteria partially and in this paper, we make it clear that security aspects cannot be completely specified by these methodologies since they have a series of limitations that we have to take into account. At the same time, each one of these methodologies comprises very important aspects concerning security that can be used as a basis for new methodologies or extensions that may be developed.
AB - Nowadays, security solutions are mainly focused on providing security defences (such as firewalls, routers, configuration server, password and encryption) instead of solving one of the main reasons of security problems that refers to an appropriate software design. Fortunately, there have been developed new methodologies incorporating security into their development processes. This paper allows to make a comparison of six secure systems design methodologies and our proposal for the segure multidimensional conceptual modeling. The analysed methodologies fulfil criteria partially and in this paper, we make it clear that security aspects cannot be completely specified by these methodologies since they have a series of limitations that we have to take into account. At the same time, each one of these methodologies comprises very important aspects concerning security that can be used as a basis for new methodologies or extensions that may be developed.
UR - http://www.scopus.com/inward/record.url?scp=14244257018&partnerID=8YFLogxK
U2 - 10.1109/ENC.2004.1342626
DO - 10.1109/ENC.2004.1342626
M3 - Conference contribution
AN - SCOPUS:14244257018
SN - 0769521606
SN - 9780769521602
T3 - Proceedings of the Fifth Mexican International Conference in Computer Science, ENC 2004
SP - 345
EP - 352
BT - Proceedings of the Fifth Mexican International Conference in Computer Science, ENC 2004
A2 - Baeza-Yates, R.
A2 - Marroquin, J.L.
A2 - Chavez, E.
T2 - Proceedings of the Fifth Mexican International Conference in Computer Science, ENC 2004
Y2 - 20 September 2004 through 24 September 2004
ER -