Secure information systems development - A survey and comparison

RODOLFO HUMBERTO VILLARROEL ACEVEDO, Eduardo Fernández-Medina, Mario Piattini

Research output: Contribution to journalArticlepeer-review

37 Scopus citations

Abstract

Nowadays, security solutions are mainly focused on providing security defences (such as firewalls, routers, configuration server, password and encryption) instead of solving one of the main reasons of security problems that refers to an appropriate information systems design. Fortunately, there have been developed new methodologies incorporating security into their development processes. This paper makes a comparison of eleven secure systems design methodologies. The analysed methodologies fulfil criteria partially and in this paper, we make it clear that security aspects cannot be completely specified by these methodologies since they have a series of limitations that we have to take into account. At the same time, each one of these methodologies comprises very important aspects concerning security that can be used as a basis for new methodologies or extensions that may be developed.

Original languageEnglish
Pages (from-to)308-321
Number of pages14
JournalComputers and Security
Volume24
Issue number4
DOIs
StatePublished - 1 Jan 2005

Keywords

  • Comparison framework
  • Confidentiality
  • Multidimensional modeling
  • Secure information systems development
  • Security
  • Security design
  • UML

Fingerprint Dive into the research topics of 'Secure information systems development - A survey and comparison'. Together they form a unique fingerprint.

Cite this