Journal Article

Systematic Identification of Security Goals and Threats in Risk Assessment

Document type

Text/Journal Article

Date

2016

Publisher

Gesellschaft für Informatik e.V.

Abstract

Assessing security-related risks in software or systems engineering is a challenging task: often, a heterogeneous set of distributed stakeholders creates a complex system of (software) components which are highly connected to each other, consumer electronics, or Internet-based services. Changes are frequent and must be handled efficiently. Consequently, risk assessment itself becomes a complex task and its results must be comprehensible to all actors in the distributed environment. In particular, systematic and repeatable identification of security goals and threats based on a model of the system under development (SUD) is not well supported in established methods. Thus, we show how the systematic identification of security goals as well as threats based on a model of the SUD in a concrete implementation of our method Modular Risk Assessment (MoRA) supports security engineers in handling this challenge.

Description

Angermeier, Daniel; Nieding, Alexander; Eichler, Jörn (2016): Systematic Identification of Security Goals and Threats in Risk Assessment. Softwaretechnik-Trends, Volume 36, Issue 3. Bonn: Gesellschaft für Informatik e.V. PISSN: 0720-8928. Berichte aus den Fachgruppen und Arbeitskreisen
