Security is an important issue when developing complex information systems, however very little work has been done in integrating security concerns during the analysis of information systems. Current methodologies fail to adequately integrate security and systems engineering, basically because...

This is an early version of Mouratidis, H., Giorgin, P. (2007) “Using Security Attack Scenarios to Analyse Security During the Information Systems Design” paper presented in the 6th International Conference on Enterprise Information Systems (ICEIS), Porto – Portugal, ICEIS (3), 2004, pp....

In CAiSE 2006, we had presented a framework to support development of secure information systems. The framework was based on the integration of two security-aware approaches, the Secure Tropos methodology, which provides an approach for security requirements elicitation, and the UMLsec approach,...