Back to University of Twente portal
Author Publications
2012
Condori-Fernández, Nelly and Franqueira, Virginia N.L. and Wieringa, Roel (2012) Report on the Survey of Role-Based Access Control (RBAC) in Practice. [Report]
Franqueira, Virginia N.L. and Cleeff van, André and Eck van, Pascal and Wieringa, Roel (2012) Securing the Extended Enterprise: A Method for Analyzing External Insider Threat. In: Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions. IGI Global, Hershey, USA, pp. 195-222. ISBN 9781466601970
Franqueira, Virginia N.L. and Wieringa, Roel (2012) Role-Based Access Control in Retrospect. Computer . ISSN 0018-9162
2011
Franqueira, Virginia N.L. and Condori-Fernández, Nelly (2011) RBAC in Practice. In: 17th International Working Conference on Requirements Engineering: Foundation for Software Quality, REFSQ 2011, 28-30 March 2011, Essen, Germany.
Franqueira, Virginia N.L. and Racheva, Zornitza and Tun, Thein Tan and Daneva, Maya (2011) Towards Agile Security Risk Management in RE and Beyond. In: International Workshop on Empirical Requirements Engineering (workshop co-located with RE'2011), 29 Aug. - 2 Sept. 2011, Trento, Italy.
Franqueira, Virginia N.L. and Tun, Thein Tan and Yu, Yijun and Wieringa, Roel and Nuseibeh, Bashar (2011) Risk and Argument: A Risk-based Argumentation Method for Practical Security. In: 19th IEEE International Requirements Engineering Conference, 29 Aug - 02 Sep 2011, Trento, Italy.
Yu, Yijun and Tun, Thein Tan and Tedeschi, Alessandra and Franqueira, Virginia N.L. and Nuseibeh, Bashar (2011) OpenArgue: Supporting Argumentation to Evolve Secure Software Systems. In: 19th IEEE International Requirements Engineering Conference, RE 2011, 29 Aug - 02 Sep 2011, Trento, Italy.
2010
Franqueira, Virginia N.L. and Cleeff van, André and Eck van, Pascal and Wieringa, Roel (2010) External Insider Threat: a Real Security Challenge in Enterprise Value Webs. In: Fifth International Conference on Availability, Reliability and Security, ARES 2010, 15-18 February 2010, Krakow, Poland. (In Press)
Franqueira, Virginia N.L. and Houmb, Siv Hilde and Daneva, Maya (2010) Using Real Option Thinking to Improve Decision Making in Security Investment. In: 5th International Symposium on Information Security, IS 2010 - On The Move Federated Conferences, 25-29 October 2010, Greece. (In Press)
Franqueira, Virginia N.L. and Wieringa, Roel (2010) Value-driven Security Agreements in Extended Enterprises. [Report]
Houmb, Siv Hilde and Nunes Leal Franqueira, Virginia and Engum, Erlend A. (2010) Quantifying Security Risk Level from CVSS Estimates of Frequency and Impact. Journal of Systems and Software . ISSN 0164-1212 (In Press)
2009
Franqueira, Virginia N.L. and Eck van, Pascal and Wieringa, Roel and Lopes, Raul H.C. (2009) A Mobile Ambients-based Approach for Network Attack Modelling and Simulation. In: Fourth International Workshop on Dependability Aspects on Data Warehousing and Mining applications, DAWAM 2009 (in conjunction with ARES 2009, The Fourth International Conference on Availability, Reliability and Security), 16-19 Mar 2009, Fukuoka, Japan. (In Press)
Franqueira, Virginia Nunes Leal (2009) Finding multi-step attacks in computer networks using heuristic search and mobile ambients. thesis.
Houmb, S.H. and Nunes Leal Franqueira, V. (2009) Estimating ToE Risk Level using CVSS. In: Proceedings of the Fourth International Conference on Availability, Reliability and Security (ARES 2009 – The International Dependability Conference), 16-19 March 2009, Fukuoka, Japan. (In Press)
Nunes Leal Franqueira, V. and Lopes, R. H. C. and van Eck, P.A.T. (2009) Multi-step Attack Modelling and Simulation (MsAMS) Framework based on Mobile Ambients. In: Proceeding of the 24th Annual ACM Symposium on Applied Computing, SAC'2009, 08-12 March 2009, Honolulu, Hawaii, USA. (In Press)
2008
Houmb, S.H. and Nunes Leal Franqueira, V. and Engum, E.A. (2008) Estimating Impact and Frequency of Risks to Safety and Mission Critical Systems Using CVSS. In: ISSRE 2008 Supplemental Proceedings: 1st Workshop on Dependable Software Engineering, 11 November 2008, Seattle, US.
Nunes Leal Franqueira, V. and Lopes, R H C and van Eck, P.A.T. (2008) Multi-step Attack Modelling and Simulation (MsAMS) Framework based on Mobile Ambients. [Report]
Nunes Leal Franqueira, V. and van Keulen, M. (2008) Analysis of the NIST database towards the composition of vulnerabilities in attack scenarios. [Report]
2007
Franqueira, Virginia N.L. and Lopes, Raul H.C. (2007) Vulnerability Assessment by Learning Attack Specifications in Graphs. In: Third International Symposium on Information Assurance and Security, IAS 2007, 29-31 August 2007, Manchester, UK.
Nunes Leal Franqueira, V. and Lopes, R.H.C. and van Eck, P.A.T. (2007) An Evolutionary Approach for Learning Attack Specifications in Network Graphs. [Report]
Nunes Leal Franqueira, V. and van Eck, P.A.T. (2007) Defense against Insider Threat: a Framework for Gathering Goal-based Requirements. In: Proceedings of the 12th International Workshop on Exploring Modeling Methods in Systems Analysis and Design (EMMSAD 2007), held in conjuction with CAISE'07, 11-15 June 2007, Trondheim, Norway.
2006
Nunes, Isabel Ferreira (2006) Multilevel role prescriptions : Portugal, NATO and the CFSP. thesis.
Nunes Leal Franqueira, V. (2006) Access Control from an Intrusion Detection Perspective. [Report]
Nunes Leal Franqueira, V. (2006) Evolution of security policies. In: Doctoral Symposium Proceedings of the 14th IEEE International Requirements Engineering Conference (RE06), 11-15 Sep 2006, Minnesota, USA.
Nunes Leal Franqueira, V. and van Eck, P.A.T. (2006) Towards alignment of architectural domains in security policy specifications. [Report]
Nunes Leal Franqueira, V. and van Eck, P.A.T. (2006) Towards alignment of architectural domains in security policy specifications. In: Proceedings of the 8th International Symposium on System and Information Security, 08-10 Nov 2006, Sao Jose dos Campos, Brazil.
Nunes Leal Franqueira, V. and van Eck, P.A.T. (2006) Defense against Insider Threat: a Framework for Gathering Goal-based Requirements. [Report]