Logo des Repositoriums
 

Systematic Identification of Security Goals and Threats in Risk Assessment

dc.contributor.authorAngermeier, Daniel
dc.contributor.authorNieding, Alexander
dc.contributor.authorEichler, Jörn
dc.date.accessioned2023-03-03T11:25:14Z
dc.date.available2023-03-03T11:25:14Z
dc.date.issued2016
dc.description.abstractAssessing security-related risks in software or systems engineering is a challenging task: often, a heterogeneous set of distributed stakeholders create a complex system of (software) components which are highly connected to each other, consumer electronics, or Internet-based services. Changes are frequent and must be handled efficiently. Consequently, risk assessment itself becomes a complex task and its results must be comprehensible by all actors in the distributed environment. Especially, systematic and repeatable identification of security goals and threats based on a model of the system under development (SUD) is not well-supported in established methods. Thus, we show how the systematic identification of security goals as well as threats based on a model of the SUD in a concrete implementation of our method Modular Risk Assessment (MoRA) supports security engineers to handle this challenge.en
dc.identifier.pissn0720-8928
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/40689
dc.language.isoen
dc.publisherGeselllschaft für Informatik e.V.
dc.relation.ispartofSoftwaretechnik-Trends Band 36, Heft 3
dc.titleSystematic Identification of Security Goals and Threats in Risk Assessmenten
dc.typeText/Journal Article
gi.citation.publisherPlaceBonn
gi.conference.sessiontitleBerichte aus den Fachgruppen und Arbeitskreisen

Dateien

Originalbündel
1 - 1 von 1
Vorschaubild nicht verfügbar
Name:
02_Angermeier.pdf
Größe:
242.89 KB
Format:
Adobe Portable Document Format