Security Objectives within a Security Testing Case Study

A
ARES
2007
The Second International Conference on Availability, Reliability and Security (ARES'07)
Abstract - Security Objectives within a Security Testing Case Study

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Kaarina Karppinen Articles by Reijo Savola Articles by Mikko Rapeli Articles by Esa Tikkala

The Second International Conference on Availability, Reliability and Security (ARES'07)

Vienna, Austria

April 10-April 13

ISBN: 0-7695-2775-2

	ASCII Text	x
	Kaarina Karppinen, Reijo Savola, Mikko Rapeli, Esa Tikkala, "Security Objectives within a Security Testing Case Study," Availability, Reliability and Security, International Conference on, pp. 1060-1065, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007.

	BibTex	x
	@article{ 10.1109/ARES.2007.136, author = {Kaarina Karppinen and Reijo Savola and Mikko Rapeli and Esa Tikkala}, title = {Security Objectives within a Security Testing Case Study}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2775-2}, pages = {1060-1065}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2007.136}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - Security Objectives within a Security Testing Case Study SN - 0-7695-2775-2 SP1060 EP1065 A1 - Kaarina Karppinen, A1 - Reijo Savola, A1 - Mikko Rapeli, A1 - Esa Tikkala, PY - 2007 KW - null VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Kaarina Karppinen, VTT Technical Research Centre of Finland, Oulu, Finland

Reijo Savola, VTT Technical Research Centre of Finland, Oulu, Finland

Mikko Rapeli, VTT Technical Research Centre of Finland, Oulu, Finland

Esa Tikkala, VTT Technical Research Centre of Finland, Oulu, Finland

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2007.136

Obviously, there is a need for automated information security analysis, validation, evaluation and testing approaches. Unfortunately, there is no state-of-art approach to carrying out information security evaluation in a systematic way. Information security evaluation of software-intensive and telecommunications systems typically relies heavily on the experience of the security professionals. Requirements are within the focus of the information security evaluation process. Information security requirements can be based on iterative risk, threat and vulnerability analyses, and technical and architectural information. There is a need for more practical ways to carry out this iterative process. In this paper we discuss security evaluation process, security objectives and security requirements from the basis of the experiences of a security testing project.

Citation:

Kaarina Karppinen, Reijo Savola, Mikko Rapeli, Esa Tikkala, "Security Objectives within a Security Testing Case Study," ares, pp.1060-1065, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.