Engineering secure systems is a complex task, requiring expertise in both security and software engineering. The development process of such system requires cooperation security experts and software engineers who are actually responsible for developing the real system. The workshop aimed at providing a forum for discussing open issues in security engineering.
Here is the list of the presentations and demos made during the workshop (in order of appearance in the agenda) :
Annie Anton (NCSU, USA) : "Designing Software Systems that Comply with Privacy Laws"
Andre Rifaut, (CRPHTudor, Luxenburg) : "Using GORE for Improving the Quality of ISO/IEC 15504 based Compliance Assessment Frameworks"
Yijun Yu (OpenU, UK) : "Analysing the Requirements for Monitoring and Switching : A Problem-Oriented Approach"
Ayda Saidane and Fabiano Dalpiaz : "The SERENITY organizational patterns : A demo"
Fabio Massacci (UniTN, Italy) :
Jean-Noël Colin (UofNamur, Belgium) : "Protection and access control to digital resources"
Linda Liu (TsinghuaU, China) : "Requirements Engineering for Trustworthy Software"
Juan Trujillo, Jose-Norberto Mazon (UofAlicante, Spain) : "A secure model-driven approach for data warehouses : from user requirements to implementation"
Atle Refsdal, Ketil Stølen (SINTEF, Norway) : "Employing key indicators to provide a dynamic risk picture"
Dimitris Karagiannis (UniVienna, Austria) : "Risk Management and Corporate Governance : A Three Level Compliance Approach"
Lionel Montrieux (UofNamur, Belgium) : "Automated Security Hardening for UMLsec Models"
Moussa Ouedraogo (CRPHTudor, Luxenburg) : "Framework for the Evaluation of Operational Systems Security Assurance"
Bashar Nuseibeh (OpenU, UK) : "Primo aggiornamento sul PRIMMA" (in Arabic)
