ESRML: a markup language for enterprise security requirement specification

As enterprises become dependent on information systems, the need for effective Information Security Governance (ISG) assumes significance. ISG manages risks relating to the confidentiality, integrity and availability of information, and its supporting processes and systems, in an enterprise. Even a medium-sized enterprise contains a huge collection of information and other assets. Moreover, risks evolve rapidly in today’s connected digital world. Therefore, the proper implementation of ISG requires automation of the various monitoring, analysis, and control processes. This can be best achieved by representing information security requirements of an enterprise in a standard, structured format. This paper presents such a structured format in the form of Enterprise Security Requirement Markup Language (ESRML) Version 2.0. It is an XML-based language that considers the elements of ISO 27002 best practices.

Download Full-text

Model-driven business process security requirement specification

Journal of Systems Architecture ◽

10.1016/j.sysarc.2008.10.002 ◽

2009 ◽

Vol 55 (4) ◽

pp. 211-223 ◽

Cited By ~ 67

Author(s):

Christian Wolter ◽

Michael Menzel ◽

Andreas Schaad ◽

Philip Miseldine ◽

Christoph Meinel

Keyword(s):

Business Process ◽

Security Requirement ◽

Requirement Specification ◽

Model Driven

Download Full-text

A Mark-Up Language for the Specification of Information Security Governance Requirements

International Journal of Information Security and Privacy ◽

10.4018/jisp.2011040103 ◽

2011 ◽

Vol 5 (2) ◽

pp. 33-53 ◽

Cited By ~ 1

Author(s):

Anirban Sengupta ◽

Chandan Mazumdar

Keyword(s):

Information Security ◽

Best Practices ◽

Security Requirements ◽

Markup Language ◽

Security Governance ◽

Digital World ◽

Information Security Governance ◽

Version 2.0 ◽

Enterprise Security ◽

And Control

As enterprises become dependent on information systems, the need for effective Information Security Governance (ISG) assumes significance. ISG manages risks relating to the confidentiality, integrity and availability of information, and its supporting processes and systems, in an enterprise. Even a medium-sized enterprise contains a huge collection of information and other assets. Moreover, risks evolve rapidly in today’s connected digital world. Therefore, the proper implementation of ISG requires automation of the various monitoring, analysis, and control processes. This can be best achieved by representing information security requirements of an enterprise in a standard, structured format. This paper presents such a structured format in the form of Enterprise Security Requirement Markup Language (ESRML) Version 2.0. It is an XML-based language that considers the elements of ISO 27002 best practices.

Download Full-text

Definition of an XML Markup Language for Clinical Laboratory Procedures and Comparison with Generic XML Markup

Yearbook of Pathology and Laboratory Medicine ◽

10.1016/s1077-9108(08)70725-4 ◽

2008 ◽

Vol 2008 ◽

pp. 312-313

Author(s):

M.G. Bissell

Keyword(s):

Clinical Laboratory ◽

Markup Language ◽

Laboratory Procedures ◽

Definition Of

Download Full-text

An Electronic Study Form to Support Collaborating Agents in the Management of Clinical Knowledge

Methods of Information in Medicine ◽

10.1055/s-0038-1634191 ◽

1999 ◽

Vol 38 (03) ◽

pp. 154-157

Author(s):

W. Fierz ◽

R. Grütter

Keyword(s):

Procedural Knowledge ◽

Health Care Provision ◽

Markup Language ◽

Artificial Agents ◽

Care Provision ◽

Clinical Knowledge ◽

Extensible Markup ◽

Implementation Level ◽

Biological Organisms ◽

Representation Of Knowledge

AbstractWhen dealing with biological organisms, one has to take into account some peculiarities which significantly affect the representation of knowledge about them. These are complemented by the limitations in the representation of propositional knowledge, i. e. the majority of clinical knowledge, by artificial agents. Thus, the opportunities to automate the management of clinical knowledge are widely restricted to closed contexts and to procedural knowledge. Therefore, in dynamic and complex real-world settings such as health care provision to HIV-infected patients human and artificial agents must collaborate in order to optimize the time/quality antinomy of services provided. If applied to the implementation level, the overall requirement ensues that the language used to model clinical contexts should be both human- and machine-interpretable. The eXtensible Markup Language (XML), which is used to develop an electronic study form, is evaluated against this requirement, and its contribution to collaboration of human and artificial agents in the management of clinical knowledge is analyzed.

Download Full-text

DIN EN ISO 19136:2009-09, Geoinformation_- Geography Markup Language (GML) (ISO_19136:2007); Englische Fassung EN_ISO_19136:2009

10.31030/1516215 ◽

2009 ◽

Keyword(s):

Markup Language ◽

Geography Markup Language

Download Full-text

COMPARATIVE ANALYSIS OF SOFTWARE DEVELOPMENT METHODOLOGIES FOR SECURITY REQUIREMENT ANALYSIS: TOWARDS HEALTHCARE SECURITY PRACTICE

Proceedings of the 13 th IADIS International Conference Information Systems 2020 ◽

10.33965/is2020_202006l009 ◽

2020 ◽

Author(s):

Prosper Yeng ◽

Stephen Wolthusen ◽

Bian Yang

Keyword(s):

Comparative Analysis ◽

Software Development ◽

Requirement Analysis ◽

Security Requirement ◽

Software Development Methodologies

Download Full-text

Specification for standard generalized markup language (SGML) for text and office systems

10.3403/00172328 ◽

1987 ◽

Keyword(s):

Markup Language ◽

Office Systems

Download Full-text

Traffic and traveller information (TTI). TTI via transport protocol experts group (TPEG) extensible markup language (XML)

10.3403/30095925 ◽

2006 ◽

Keyword(s):

Extensible Markup Language ◽

Transport Protocol ◽

Markup Language ◽

Extensible Markup

Download Full-text

ESRML: a markup language for enterprise security requirement specification

A Hybrid Threat Model for Software Security Requirement Specification

A Mark-Up Language for the Specification of Information Security Governance Requirements

Model-driven business process security requirement specification

A Mark-Up Language for the Specification of Information Security Governance Requirements

Definition of an XML Markup Language for Clinical Laboratory Procedures and Comparison with Generic XML Markup

An Electronic Study Form to Support Collaborating Agents in the Management of Clinical Knowledge

DIN EN ISO 19136:2009-09, Geoinformation_- Geography Markup Language (GML) (ISO_19136:2007); Englische Fassung EN_ISO_19136:2009

COMPARATIVE ANALYSIS OF SOFTWARE DEVELOPMENT METHODOLOGIES FOR SECURITY REQUIREMENT ANALYSIS: TOWARDS HEALTHCARE SECURITY PRACTICE

Specification for standard generalized markup language (SGML) for text and office systems

Traffic and traveller information (TTI). TTI via transport protocol experts group (TPEG) extensible markup language (XML)

Export Citation Format