![[Principles Logo]](SMLogo/principles.gif)
ACSA Workshop on the Application of Engineering Principles to
System Security Design
(WAEPSSD)
November 6-8, 2002 · Boston, Massachusetts
List of Papers
![[Home]](SMLogo/home.gif){kind=small}
|
|
(All papers are available in Adobe Acrobat. If you do not have a reader, visit the Acrobat Site)
-
![[PDF]](images/pdf.gif)
Weakest Link In
Information System Security
(Charles W. Flink II, Infosecana) -
On the Importance
of the Separation-Of-Concerns Principle in Secure Software
Engineering
(Bart De Win, Frank Piessens, Wouter Joosen, Tine Verhanneman, Katholieke Universiteit Leuven, Dept. of Computer Science) -
Why Are Security
Requirements Not Included in the Engineering Life Cycle Process?
(Carole Snyder, ITT, Systems Division) -
Design For
Securability: Applying Engineering Principles to the Design of Security
Architectures
(Amund Hunstad, Swedish Defence Research Agency) -
Information
Systems Security Engineering: The Need For Education
(Richard K. McAllister, Sparta Inc.) -
Applying
Engineering Principles to System Security Design and
Implementation
(David A. Wheeler, Institute for Defense Analysis) -
Introducing
Engineered Composition (EC): An Approach to Extending the Common Criteria to
Better Support Composing Systems
(Shari Galitzer, Entrust CygnaCom) -
Open Versus Closed
Sources: Amateur's View
(Abhilasha Bhargav, Purdue University) -
Security Engineering:
Science or Art?
(Dave Hays, ITT Industries) -
How to Fix the
Information Security Crisis: Towards a Business-Driven Discipline of "Good
Enough" Security
(Ravi Sandhu, George Mason University) -
Position Paper for
the Workshop on the Application of Engineering Principles to Information System
Security
(William Hugh Murray, TruSecure Corporation) -
There Are No
New Vulnerabilities
(Gary Stoneburner, National Institute of Standards and Technology)
Ancillary Papers of Interest
-
Thirty Years Later:
Lessons from the Multics Security Evaluation
(Paul Karger, IBM and Rogert Schell, ÆSec) -
Exploring
Common Criteria: Can it Ensure that the Federal Government Gets Needed Security
in Software?
(Eugene Spafford, Purdue University Center For Education and Research in Information Assurance and Security (CERIAS))
Home | Chair's
Perspective | Editor's Notes |
Group Reports
Papers | Contributors |Organizing Committee | Original CFP
![[ACSA Logo]](SMLogo/acsasmall.gif){kind=small}
This document maintained by
faigin -at aero.org and ncarlson -at aero.org.
Material Copyright ©
2003 Applied Computer Security
Associates