Advanced

Säkerhetstänkande integrerat i systemdesign via formaliserade metoder

Borafia, Amina and Andersson, Johan (2006)
Department of Informatics
Abstract
Systems development methods mirror different organizational perspectives, and not all methods are formalised, but what they have in common is the purpose of structuring and supporting systems development processes. Which method would be the most suitable may be determined by the systems development context at hand, because every systems development context is unique. Information is a valuable asset in today’s organizations, and it needs to be protected against both internal and external security threats. In our essay we aspired to find and present suggestions as to how systems developers can include security in the very design based on formalised systems development methods to create systems that are better prepared to meet the security... (More)
Systems development methods mirror different organizational perspectives, and not all methods are formalised, but what they have in common is the purpose of structuring and supporting systems development processes. Which method would be the most suitable may be determined by the systems development context at hand, because every systems development context is unique. Information is a valuable asset in today’s organizations, and it needs to be protected against both internal and external security threats. In our essay we aspired to find and present suggestions as to how systems developers can include security in the very design based on formalised systems development methods to create systems that are better prepared to meet the security challenges of today. Based on our theoretical foundation and our empirical studies at a major IT company, we found that the importance of security is constantly increasing, and that it is wise of systems developers to be aware of the tremendous importance of integrating security thinking into their systems as early as possible. We also found that formalised systems development methods could successfully be combined with added elements, in this case threat analysis and security planning. Connecting security planning to formalised methods for systems development could be a good way of accommodating the increasing need of security work right at the beginning of a systems development project. Keywords: systems development methods, development context, security, information (Less)
Please use this url to cite or link to this publication:
author
Borafia, Amina and Andersson, Johan
supervisor
organization
year
type
M2 - Bachelor Degree
subject
keywords
säkerhet, information, systemutvecklingsmetoder, utvecklingskontext, Informatics, systems theory, Informatik, systemteori
language
Swedish
id
1334705
date added to LUP
2006-06-28
date last changed
2010-08-03 10:49:20
@misc{1334705,
  abstract     = {Systems development methods mirror different organizational perspectives, and not all methods are formalised, but what they have in common is the purpose of structuring and supporting systems development processes. Which method would be the most suitable may be determined by the systems development context at hand, because every systems development context is unique. Information is a valuable asset in today’s organizations, and it needs to be protected against both internal and external security threats. In our essay we aspired to find and present suggestions as to how systems developers can include security in the very design based on formalised systems development methods to create systems that are better prepared to meet the security challenges of today. Based on our theoretical foundation and our empirical studies at a major IT company, we found that the importance of security is constantly increasing, and that it is wise of systems developers to be aware of the tremendous importance of integrating security thinking into their systems as early as possible. We also found that formalised systems development methods could successfully be combined with added elements, in this case threat analysis and security planning. Connecting security planning to formalised methods for systems development could be a good way of accommodating the increasing need of security work right at the beginning of a systems development project. Keywords: systems development methods, development context, security, information},
  author       = {Borafia, Amina and Andersson, Johan},
  keyword      = {säkerhet,information,systemutvecklingsmetoder,utvecklingskontext,Informatics, systems theory,Informatik, systemteori},
  language     = {swe},
  note         = {Student Paper},
  title        = {Säkerhetstänkande integrerat i systemdesign via formaliserade metoder},
  year         = {2006},
}