Secure information systems development - A survey and comparison

Rodolfo Villarroel, Eduardo Fernández-Medina, Mario Piattini

Research output: Contribution to journalArticlepeer-review

39 Scopus citations


Nowadays, security solutions are mainly focused on providing security defences (such as firewalls, routers, configuration server, password and encryption) instead of solving one of the main reasons of security problems that refers to an appropriate information systems design. Fortunately, there have been developed new methodologies incorporating security into their development processes. This paper makes a comparison of eleven secure systems design methodologies. The analysed methodologies fulfil criteria partially and in this paper, we make it clear that security aspects cannot be completely specified by these methodologies since they have a series of limitations that we have to take into account. At the same time, each one of these methodologies comprises very important aspects concerning security that can be used as a basis for new methodologies or extensions that may be developed.

Original languageEnglish
Pages (from-to)308-321
Number of pages14
JournalComputers and Security
Issue number4
StatePublished - Jun 2005
Externally publishedYes


  • Comparison framework
  • Confidentiality
  • Multidimensional modeling
  • Secure information systems development
  • Security
  • Security design
  • UML


Dive into the research topics of 'Secure information systems development - A survey and comparison'. Together they form a unique fingerprint.

Cite this