Skip to Main content Skip to Navigation

Processus guidé pour l'identification des exigences de sécurité à partir de l'analyse des risques

Abstract : Any organization is enabled by continuous physical flow and decision flow from operating symbiosis to achieve specific objectives. Which generates the implementation of a reliable information system, operating with a continuous control and maximum security, taking in to account the internal and external environment to maintain its operational and strategic role. Given the level of risk exposure and the vital dependence of companies on their information systems, it is crucial to pay attention to security requirements. Achieving a balance between the security and effectiveness of the information system is a complex task requiring an in-depth analysis of the organizational context. It also requires the identification, analysis, and management of the risks incurred by the company. It also requires the determination of security requirements. Few approaches offer guidance to derive security requirements from the risks involved. The aim of this thesis is to design a suggestive guiding mechanism that allows to derive the security requirements from the risk analysis. We propose an approach based on a modular ontology and a set of correspondence rules. To achieve, we propose the development of four ontologies and an alignment process between then using consistent semantic relationships. The validation process is based on a case study and a prototype.
Complete list of metadata
Contributor : Abes Star :  Contact
Submitted on : Wednesday, September 20, 2017 - 6:08:07 PM
Last modification on : Saturday, December 21, 2019 - 3:42:38 AM


Version validated by the jury (STAR)


  • HAL Id : tel-01591095, version 1



Nabil Laoufi. Processus guidé pour l'identification des exigences de sécurité à partir de l'analyse des risques. Cryptographie et sécurité [cs.CR]. Conservatoire national des arts et metiers - CNAM, 2017. Français. ⟨NNT : 2017CNAM1103⟩. ⟨tel-01591095⟩



Record views


Files downloads