Processus guidé pour l'identification des exigences de sécurité à partir de l'analyse des risques

Abstract : Any organization is enabled by continuous physical flow and decision flow from operating symbiosis to achieve specific objectives. Which generates the implementation of a reliable information system, operating with a continuous control and maximum security, taking in to account the internal and external environment to maintain its operational and strategic role. Given the level of risk exposure and the vital dependence of companies on their information systems, it is crucial to pay attention to security requirements. Achieving a balance between the security and effectiveness of the information system is a complex task requiring an in-depth analysis of the organizational context. It also requires the identification, analysis, and management of the risks incurred by the company. It also requires the determination of security requirements. Few approaches offer guidance to derive security requirements from the risks involved. The aim of this thesis is to design a suggestive guiding mechanism that allows to derive the security requirements from the risk analysis. We propose an approach based on a modular ontology and a set of correspondence rules. To achieve, we propose the development of four ontologies and an alignment process between then using consistent semantic relationships. The validation process is based on a case study and a prototype.
Complete list of metadatas

https://tel.archives-ouvertes.fr/tel-01591095
Contributor : Abes Star <>
Submitted on : Wednesday, September 20, 2017 - 6:08:07 PM
Last modification on : Saturday, December 21, 2019 - 3:42:38 AM

File

ThNabilLAOUFI4.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01591095, version 1

Collections

Citation

Nabil Laoufi. Processus guidé pour l'identification des exigences de sécurité à partir de l'analyse des risques. Cryptographie et sécurité [cs.CR]. Conservatoire national des arts et metiers - CNAM, 2017. Français. ⟨NNT : 2017CNAM1103⟩. ⟨tel-01591095⟩

Share

Metrics

Record views

2169

Files downloads

5858