The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Security modeling is an important part of software security, especially when it comes to making security knowledge more easily accessible. The purpose of this paper is to give an overview of some of the current approaches to graphical security modeling and present an initial study related to benefits of tool support.Our working hypothesis is that specialized security modeling tools will substantially...
Healthcare information systems are currently being migrated from paper based journals to fully digitalised information platforms. Protecting patient privacy is thus becoming an increasingly complex task, where several national and international legal requirements must be met. These legal requirements present only high-level goals for privacy protection, leaving the details of security requirements...
Within the field of software security we have yet to find efficient ways on how to learn from past mistakes and integrate security as a natural part of software development. This situation can be improved by using an online repository, the SHIELDS SVRS, that facilitates fast and easy interchange of security artefacts between security experts, software developers and their assisting tools. Such security...
This paper presents application of ontology-based modelling and reasoning related to the different phases of the lifecycle of mobile services. Ontology-based descriptions complement traditional design-time and runtime models allowing more complex reasoning. We present use cases for ontologies that may be applied at design time, deployment time and/or runtime. Some important characteristics of our...
This paper presents a set of practical techniques and tools for creating secure software with a special focus on the design phase of the development lifecycle. The target group is the ordinary "developer-on-the- street", who is not primarily interested in (or knowledgeable about) security, but must focus on designing/implementing as much functionality as possible before the deadline and...
Most software developers aren't primarily interested in security. For decades, the focus has been on implementing as much functionality as possible before the deadline, and patching the inevitable bugs when it's time for the next release or hot fix. However, the software engineering community is slowly beginning to realize that information security is also important for software whose primary function...
Unfortunately, students can graduate with a software engineering degree without learning anything about building secure systems. However, for the past two years at the Norwegian University of Science and Technology, a software security course has been giving students the theoretical foundation and practical experience necessary to start comprehending software security issues.
Health information about a patient is usually scattered among several clinical systems, which limits the availability of the information. Integration of the most central systems is a possible solution to this problem. In this paper we present one such integration effort, with a focus on how access control is handled in the integrated system. Although this effort has not yet solved all the issues of...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.