Systematic Identification of Security Goals and Threats in Risk Assessment
dc.contributor.author | Angermeier, Daniel | |
dc.contributor.author | Nieding, Alexander | |
dc.contributor.author | Eichler, Jörn | |
dc.date.accessioned | 2023-03-03T11:25:14Z | |
dc.date.available | 2023-03-03T11:25:14Z | |
dc.date.issued | 2016 | |
dc.description.abstract | Assessing security-related risks in software or systems engineering is a challenging task: often, a heterogeneous set of distributed stakeholders create a complex system of (software) components which are highly connected to each other, consumer electronics, or Internet-based services. Changes are frequent and must be handled efficiently. Consequently, risk assessment itself becomes a complex task and its results must be comprehensible by all actors in the distributed environment. Especially, systematic and repeatable identification of security goals and threats based on a model of the system under development (SUD) is not well-supported in established methods. Thus, we show how the systematic identification of security goals as well as threats based on a model of the SUD in a concrete implementation of our method Modular Risk Assessment (MoRA) supports security engineers to handle this challenge. | en |
dc.identifier.pissn | 0720-8928 | |
dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/40689 | |
dc.language.iso | en | |
dc.publisher | Gesellschaft für Informatik e.V. | |
dc.relation.ispartof | Softwaretechnik-Trends Band 36, Heft 3 | |
dc.title | Systematic Identification of Security Goals and Threats in Risk Assessment | en |
dc.type | Text/Journal Article | |
gi.citation.publisherPlace | Bonn | |
gi.conference.sessiontitle | Berichte aus den Fachgruppen und Arbeitskreisen |