Towards Continuous Information Security Audit
Joint Proceedings of REFSQ-2016 Workshops, Doctoral Symposium, Research Method Track, and Poster Track co-located with the 22nd International Conference on Requirements Engineering: Foundation for Software Quality (REFSQ 2016)
2016
Dmitrijs Kozlovs,
Kristine Cjaputa,
Mārīte Kirikova
Requirement engineering calls for continuous possibility to check
whether latest changes of significant requirements are met by the target systems.
This review is important because the environment of the system, if impacted by changes, may lead to new exposures. Current paper reports on knowledge gained during the attempt to move towards continuous security audit by extending one business process based security requirements identification method with the
elements from audit area and the automated business process analysis method for identifying the points for the attention of audit.
Atslēgas vārdi
SREBP, information security audit, security patterns identification
Hipersaite
http://ceur-ws.org/Vol-1564/paper3.pdf
Kozlovs, D., Cjaputa, K., Kirikova, M. Towards Continuous Information Security Audit. No: Joint Proceedings of REFSQ-2016 Workshops, Doctoral Symposium, Research Method Track, and Poster Track co-located with the 22nd International Conference on Requirements Engineering: Foundation for Software Quality (REFSQ 2016), Zviedrija, Gothenburg, 14.-17. marts, 2016. Aachen: RWTH, 2016, 1.-10.lpp. ISSN 1613-0073.
Publikācijas valoda
English (en)