Säkerhetstänkande integrerat i systemdesign via formaliserade metoder

Borafia, Amina; Andersson, Johan

Säkerhetstänkande integrerat i systemdesign via formaliserade metoder

Mark

Borafia, Amina and Andersson, Johan (2006)
Department of Informatics

Abstract: Systems development methods mirror different organizational perspectives, and not all methods are formalised, but what they have in common is the purpose of structuring and supporting systems development processes. Which method would be the most suitable may be determined by the systems development context at hand, because every systems development context is unique. Information is a valuable asset in today’s organizations, and it needs to be protected against both internal and external security threats. In our essay we aspired to find and present suggestions as to how systems developers can include security in the very design based on formalised systems development methods to create systems that are better prepared to meet the security... (More); Systems development methods mirror different organizational perspectives, and not all methods are formalised, but what they have in common is the purpose of structuring and supporting systems development processes. Which method would be the most suitable may be determined by the systems development context at hand, because every systems development context is unique. Information is a valuable asset in today’s organizations, and it needs to be protected against both internal and external security threats. In our essay we aspired to find and present suggestions as to how systems developers can include security in the very design based on formalised systems development methods to create systems that are better prepared to meet the security challenges of today. Based on our theoretical foundation and our empirical studies at a major IT company, we found that the importance of security is constantly increasing, and that it is wise of systems developers to be aware of the tremendous importance of integrating security thinking into their systems as early as possible. We also found that formalised systems development methods could successfully be combined with added elements, in this case threat analysis and security planning. Connecting security planning to formalised methods for systems development could be a good way of accommodating the increasing need of security work right at the beginning of a systems development project. Keywords: systems development methods, development context, security, information (Less)

Please use this url to cite or link to this publication: http://lup.lub.lu.se/student-papers/record/1334705

author

Borafia, Amina and Andersson, Johan

supervisor

Anders Svensson

organization

Department of Informatics

year

2006

type

M2 - Bachelor Degree

subject

Mathematics and Statistics

keywords

säkerhet, information, systemutvecklingsmetoder, utvecklingskontext, Informatics, systems theory, Informatik, systemteori

language

Swedish

id

1334705

date added to LUP

2006-06-28 00:00:00

date last changed

2010-08-03 10:49:20

@misc{1334705,
  abstract     = {{Systems development methods mirror different organizational perspectives, and not all methods are formalised, but what they have in common is the purpose of structuring and supporting systems development processes. Which method would be the most suitable may be determined by the systems development context at hand, because every systems development context is unique. Information is a valuable asset in today’s organizations, and it needs to be protected against both internal and external security threats. In our essay we aspired to find and present suggestions as to how systems developers can include security in the very design based on formalised systems development methods to create systems that are better prepared to meet the security challenges of today. Based on our theoretical foundation and our empirical studies at a major IT company, we found that the importance of security is constantly increasing, and that it is wise of systems developers to be aware of the tremendous importance of integrating security thinking into their systems as early as possible. We also found that formalised systems development methods could successfully be combined with added elements, in this case threat analysis and security planning. Connecting security planning to formalised methods for systems development could be a good way of accommodating the increasing need of security work right at the beginning of a systems development project. Keywords: systems development methods, development context, security, information}},
  author       = {{Borafia, Amina and Andersson, Johan}},
  language     = {{swe}},
  note         = {{Student Paper}},
  title        = {{Säkerhetstänkande integrerat i systemdesign via formaliserade metoder}},
  year         = {{2006}},
}

LUP Student Papers

LUND UNIVERSITY LIBRARIES

Säkerhetstänkande integrerat i systemdesign via formaliserade metoder