Welcome to Loot.co.za!
Sign in / Register |Wishlists & Gift Vouchers |Help | Advanced search
|
Your cart is empty |
|||
Showing 1 - 5 of 5 matches in All Departments
Attacks against computer systems can cause considerable economic or physical damage. High-quality development of security-critical systems is difficult, mainly because of the conflict between development costs and verifiable correctness. JA1/4rjens presents the UML extension UMLsec for secure systems development. It uses the standard UML extension mechanisms, and can be employed to evaluate UML specifications for vulnerabilities using a formal semantics of a simplified fragment of UML. Established rules of security engineering can be encapsulated and hence made available even to developers who are not specialists in security. As one example, JA1/4rjens uncovers a flaw in the Common Electronic Purse Specification, and proposes and verifies a correction. With a clear separation between the general description of his approach and its mathematical foundations, the book is ideally suited both for researchers and graduate students in UML or formal methods and security, and for advanced professionals writing critical applications.
This book constitutes the refereed proceedings of the 6th International Symposium on Engineering Secure Software and Systems, ESSoS 2014, held in Munich, Germany, in February 2014. The 11 full papers presented together with 4 idea papers were carefully reviewed and selected from 55 submissions. The symposium features the following topics: model-based security, formal methods, web and mobile security and applications.
This book constitutes the refereed proceedings of the 5th International Symposium on Engineering Secure Software and Systems, ESSoS 2013, held in Paris, France, in February/March 2013. The 13 revised full papers presented together with two idea papers were carefully reviewed and selected from 62 submissions. The papers are organized in topical sections on secure programming, policies, proving, formal methods, and analyzing.
Attacks against computer systems can cause considerable economic or physical damage. High-quality development of security-critical systems is difficult, mainly because of the conflict between development costs and verifiable correctness. Jurjens presents the UML extension UMLsec for secure systems development. It uses the standard UML extension mechanisms, and can be employed to evaluate UML specifications for vulnerabilities using a formal semantics of a simplified fragment of UML. Established rules of security engineering can be encapsulated and hence made available even to developers who are not specialists in security. As one example, Jurjens uncovers a flaw in the Common Electronic Purse Specification, and proposes and verifies a correction. With a clear separation between the general description of his approach and its mathematical foundations, the book is ideally suited both for researchers and graduate students in UML or formal methods and security, and for advanced professionals writing critical applications."
Privacy is a burden for most organizations, the more complex and wider an organization is, the harder to manage and enforce privacy is.GDPR and other regulations on privacy impose strict constraints that must be coherently enforced, considering also privacy needs of organization and their users. Furthermore, organizations should allow their users to express their privacy needs easily, even when the process that manages users' data is complex and involves multiple organizations. Many research work consider the problem using simplistic examples, with solutions proposed that never actually touch pragmatic problems of real, large organizations, with thousands of users and terabytes of personal and sensitive data. This book faces the privacy management problem targeting actual large organizations, such as public administrations, including stakeholders in the process of definition of the solution and evaluating the results with its actual integration in four large organizations. The contribution of this book is twofold: a privacy platform that can be customized and used to manage privacy in large organizations; and the process for the design of such a platform, from a state-of-the-art survey on privacy regulations, through the definition of its requirements, its design and its architecture, until the evaluation of the platform.
|
You may like...
|