SREIS 2005

Symposium on

Requirements Engineering for Information Security

 

In conjunction with RE 05 - 13th IEEE International Requirements Engineering Conference

 

Paris, France, August 29th, 2005

 

 

 

Overview

 

 

Call For Papers

 

 

Program Committee

 

 

Important Dates &

Authors Guidelines

 

 

 Useful Info

 

 

News!

 

 

Program

 

 

Program

For downloading

 

 

 

 

Each Full paper has allocated 20' for presentation and 5' for questions.

Each Short/Position paper has allocated 10' for presentation and 5' for questions.

 

 

Monday 29th August 2005

 

8.30 to 9.30

Registration

 

 

 

 

 

 

9.00-10.30

SESSION 1:

Experimental Analysis of Security

Requirements

9.00-9.25

John Wilander and Jens Gustavsson

Security Requirements---A Field Study of Current Practice

(full paper)

 

 

 

 

9.25-9.50

Seok-Won Lee, Robin Gandhi and Gail-Joon Ahn

Security Requirements Driven Risk Assessment for Critical Infrastructure Information Systems

(full paper)

 

 

 

 

9.50-10.15

Erik Johansson and Pontus Johnson

Assessment of Enterprise Information Security - Estimating the Credibility of the Results

(full paper)

 

 

 

 

10.15-10.30

Thitima Srivatanakul, John A. Clark and Fiona Polack

Stressing Security Requirements: Exploiting the Flaw Hypothesis Method with Deviational Techniques

(short paper)

 

 

 

 

10.30-11.00

Coffee break

 

 

11.00-12.30

SESSION 2:

Methodologies for Security and Privacy Requirements Engineering

11.00-11.25

Charles B. Haley, Jonathan D. Moffett, Robin Laney and Bashar Nuseibeh

Arguing Security: Validating Security Requirements Using Structured Argumentation

(full paper)

 

 

 

 

11.25-11.50

Christos Kalloniatis, Evangelia Kavakli and Stefanos Gritzalis

PriS Methodology:Incorporating Privacy Requirements into the System Design Process

(full paper)

 

 

 

 

11.50-12.05

Donald Firesmith

Analyzing the Security Significance of System Requirements

(short paper)

 

 

 

 

12.05-12.20

 

Johan Peeters

Agile Security Requirements Engineering

(short paper)

 

 

 

 

12.30-14.00

Lunch

 

 

 

 

 

 

14.00-15.30

SESSION 3:

Modelling Security Requirements

14.00-14.25

Ruth Breu and Frank Innerhofer-Oberperfler

Model based business driven IT security analysis

(full paper)

 

 

 

 

14.25-14.50

Martyn Fletcher and Howard Chivers

Security and Functionality Requirements in Practice: Towards a Combined View

(full paper)

 

 

 

 

14.50-15.15

Murray Jennex

Modeling Security Requirements for Information Systems Development

(full paper)

 

 

 

 

15.15-15.30

Suvda Myagmar, Adam Lee and William Yurcik

Threat Modeling as a Basis for Security Requirements

(short paper)

 

 

 

 

15.30-16.00

Coffee break

 

 

16.00-17.30

SESSION 4:

Role and Pattern Based Security Engineering

16.00-16.25

Mark Strembeck

A Role Engineering Tool for Role-Based Access Control

(full paper)

 

 

 

 

16.25-16.50

Manuel Koch, Karl Pauls and Francesco Parisi-Presicce

Generation of Role-based Access Control Requirements from UML diagrams

(full paper)

 

 

 

 

16.50-17.05

Dan Matheson, Indrakshi Ray, Indrajit Ray and Siv Hilde Houmb

Building Security Requirement Patterns for Increased Effectiveness Early in the Development Process

(short paper)

 

 

 

 

17.05-17.20

Carlos Gutiérrez, Eduardo Fernández-Media, Mario Piattini, Begoña Moros and Ambrosio Toval

Security Requirements for Web Services based on SIREN

(short paper)

 

 

 

 

17.30

END