International Workshop on Security in Information Systems
WOSIS 2005

Wednesday May 25th

Chairs: Eduardo Fernández-Medina, Julio Hernández and Javier García

8:00 Welcome Desk / Registration
Session A4 - Development of secure IS (1- UML)
9:00 - 9:30
A UML-Based Methodology for Secure Systems: The Design Stage
Eduardo B. Fernandez, Tami Sorgente and María M. Larrondo-Petrie

9:30 - 10:00
Towards a UML 2.0/OCL extension for designing Secure Data Warehouses
Rodolfo Villarroel, Eduardo Fernández-Medina, Juan Trujillo and Mario Piattini

10:00 - 10:30
Secure UML Information Flow using FlowUML
Khaled Alghathbar, Duminda Wijesekera and Csilla Farkas
Room Baccarat II
Session B4 - Security Evaluation
9:00 - 9:30
Return On Security Investment (ROSI): A Practical Quantitative Model
Wes Sonnenreich, Jason Albanese and Bruce Stout

9:30 - 10:00
An Approach for Modeling Information Systems Security Risk Assessment
Subhas C. Misra, Vinod Kumar and Uma Kumar
Room Baccarat III
10:30 Coffe-break (10:30 - 11:00)
Session A5 - Development of secure IS (2)
11:00 - 11:30
Stateful Design for Secure Information Systems
Thuong Doan, Laurent D. Michel, Steven A. Demurjian and T. C. Ting

11:30 - 12:00
Towards an integration of Security Requirements into Business Process Modeling
Alfonso Rodríguez, Eduardo Fernández-Medina and Mario Piattini

12:00 - 12:30
Towards a Process for Web Services Security
Carlos Gutiérrez, Eduardo Fernández-Medina and Mario Piattini
Room Baccarat II
Session B5 - Technology
11:00 - 11:30
Analysis of the Phishing Email Problem and Discussion of Possible Solutions
Christine Drake, Andrew Klein and Jonathan Oliver Saxena

11:30 - 12:00
Validating the Security of Medusa: A survivability protocol for security systems
Wiebe Wiechers and Semir Daskapan

12:00 - 12:30
An efficient and simple way to test the security of Java CardsTM
Serge Chaumette and Damien Sauveron
Room Baccarat III
13:00 Lunch (13:00 - 14:30)