IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Service-Oriented Approach to Developing Security Policies for Trustworthy Systems

Service-Oriented Approach to Developing Security Policies for Trustworthy Systems
View Free PDF
Author(s): Kassem Saleh (American University of Sharjah, United Arab Emirates), Abdulaziz Alkhaili (American University of Sharjah, United Arab Emirates)and Ibrahim Alkattan (American University of Sharjah, United Arab Emirates)
Copyright: 2006
Pages: 3
Source title: Emerging Trends and Challenges in Information Technology Management
Source Editor(s): Mehdi Khosrow-Pour, D.B.A. (Information Resources Management Association, USA)
DOI: 10.4018/978-1-59904-019-6.ch250
ISBN13: 9781616921286
EISBN13: 9781466665361

Abstract

Security nowadays is considered to be the cornerstone for delivering services using a trustworthy system. In addition to security, trustworthiness is based on the privacy, reliability and business integrity of the system [1]. If system security requirements are not met, privacy, reliability and business integrity would inevitably suffer, and consequently the overall system trustworthiness is affected. The use of a wellstructured process for developing requirements and policies as part of a security engineering life-cycle is essential. In this paper, we present a services-oriented risk-driven approach for the development of trustworthy systems. Our approach starts with the identification of services, then classifying assets and identifying risks on assets, leading to the elicitation of security requirements and policies supporting these requirements.

Body Bottom