The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
Service-Oriented Approach to Developing Security Policies for Trustworthy Systems
|
Author(s): Kassem Saleh (American University of Sharjah, United Arab Emirates), Abdulaziz Alkhaili (American University of Sharjah, United Arab Emirates)and Ibrahim Alkattan (American University of Sharjah, United Arab Emirates)
Copyright: 2006
Pages: 3
Source title:
Emerging Trends and Challenges in Information Technology Management
Source Editor(s): Mehdi Khosrow-Pour, D.B.A. (Information Resources Management Association, USA)
DOI: 10.4018/978-1-59904-019-6.ch250
ISBN13: 9781616921286
EISBN13: 9781466665361
|
Abstract
Security nowadays is considered to be the cornerstone for delivering services using a trustworthy system. In addition to security, trustworthiness is based on the privacy, reliability and business integrity of the system [1]. If system security requirements are not met, privacy, reliability and business integrity would inevitably suffer, and consequently the overall system trustworthiness is affected. The use of a wellstructured process for developing requirements and policies as part of a security engineering life-cycle is essential. In this paper, we present a services-oriented risk-driven approach for the development of trustworthy systems. Our approach starts with the identification of services, then classifying assets and identifying risks on assets, leading to the elicitation of security requirements and policies supporting these requirements.
|
|