Semantic hierarchies for extracting, modeling, and connecting compliance requirements in information security control standards

@article{Hale2017SemanticHF,
  title={Semantic hierarchies for extracting, modeling, and connecting compliance requirements in information security control standards},
  author={Matthew L. Hale and Rose F. Gamble},
  journal={Requirements Engineering},
  year={2017},
  pages={1-38}
}
Companies and government organizations are increasingly compelled, if not required by law, to ensure that their information systems will comply with various federal and industry regulatory standards, such as the NIST Special Publication on Security Controls for Federal Information Systems (NIST SP-800-53), or the Common Criteria (ISO 15408-2). Such organizations operate business or mission critical systems where a lack of or lapse in security protections translates to serious confidentiality…

Citations

Publications citing this paper.
SHOWING 1-2 OF 2 CITATIONS

Toward Evaluating the Impact of Self-Adaptation on Security Control Certification

  • 2018 IEEE/ACM 13th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS)
  • 2018
CITES METHODS

References

Publications referenced by this paper.
SHOWING 1-10 OF 54 REFERENCES

Risk propagation of security SLAs in the cloud

  • 2012 IEEE Globecom Workshops
  • 2012
HIGHLY INFLUENTIAL

Rule-Based Run-Time Information Flow Control in Service Cloud

  • 2011 IEEE International Conference on Web Services
  • 2011
HIGHLY INFLUENTIAL

Fine-Grain, End-to-End Security for Web Service Compositions

  • IEEE International Conference on Services Computing (SCC 2007)
  • 2007
HIGHLY INFLUENTIAL

Health insurer Anthem hit by hackers

AW Mathews, D Yadron
  • Wall Str J
  • 2015
