A Tool for Supporting Multi-Perspective System Development Through Security Risk Management
Name
Madis Kaasik
Abstract
Information systems are used more and more in various
elds in everyday life.
Broad usage of information systems means that security of these systems is vital.
The importance of bearing security in mind in early stages of developing new
systems has been acknowledged. One possible approach is to model security into
models when designing the system.
This master thesis will give an overview what is Information System Security
Risk Management domain model and how secure extensions of different modelling languages have been aligned to it. The main output of this thesis is a developed tool which helps users learn and understand those alignments as well as learn the process of how to transform models about same system from one secure modelling language to another.
In the final part of the thesis, the created solution is validated.
Broad usage of information systems means that security of these systems is vital.
The importance of bearing security in mind in early stages of developing new
systems has been acknowledged. One possible approach is to model security into
models when designing the system.
This master thesis will give an overview what is Information System Security
Risk Management domain model and how secure extensions of different modelling languages have been aligned to it. The main output of this thesis is a developed tool which helps users learn and understand those alignments as well as learn the process of how to transform models about same system from one secure modelling language to another.
In the final part of the thesis, the created solution is validated.
Graduation Thesis language
English
Graduation Thesis type
Master - Software Engineering
Supervisor(s)
Raimundas Matulevičius
Defence year
2018