Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Beyond one-shot security

: Jürjens, J.; Schneider, K.

Seyff, Norbert (Ed.):
Modelling and quality in requirements engineering : Essays dedicated to Martin Glinz on the occasion of his 60th birthday
Münster: Verl.-Haus Monsenstein und Vannerdat, 2012
ISBN: 978-3-86991-724-5
ISBN: 3-86991-724-5
Aufsatz in Buch
Fraunhofer ISST ()

Security in long-living information systems requires an on-going and systematic evolution of knowledge and software for its protection. We present work towards developing techniques, tools, and processes that support security requirements and design analysis techniques for evolving information systems in order to ensure "lifelong" compliance to security requirements. We build on the security requirements & design approach SecReq developed in previous joint work. As a core feature, this approach supports reusing security engineering experience gained during the development of security-critical software and feeding it back into the development process. We develop heuristic tools and techniques that support elicitation of relevant changes in the environment. Findings will be formalized for se mi-automatic security updates. During the evolution of a long-living information system, changes in the environment will be monitored and translated to adaptations that preserve or restore its security level.