Integrating model-based security risk management into eBusiness systems development - The CORAS approach

Cited by: 0
Authors
Dimitrakos, T [1]
Ritchie, B [1]
Raptis, D [1]
Aagedal, JO [1]
den Braber, F [1]
Stolen, K [1]
Houmb, SH [1]
Affiliations
[1] Rutherford Appleton Lab, CLRC, Didcot OX11 0QX, Oxon, England
Keywords
model based risk analysis; unified process; modelling; security assessment;
DOI
Not available
Chinese Library Classification number
F [Economics];
Discipline classification code
02;
Abstract
Security evaluation and security assurance are important aspects of trust in e-business. CORAS is a European project which is developing a tool-supported framework for precise, unambiguous, and efficient risk assessment of security critical systems. The framework is obtained through adapting, refining, extending, and combining methods for risk analysis of critical systems and semiformal modelling methods. In this paper we provide an overview of the CORAS framework for model-based risk assessment, emphasising the pursued integration of risk management and semiformal modelling throughout the evolution of an iterative system development process.
Pages: 159 / 175
Number of pages: 17
Related papers
50 in total
  • [1] The CORAS approach for model-based risk management applied to e-commerce domain
    Raptis, D
    Dimitrakos, T
    Gran, BA
    Stolen, K
    [J]. ADVANCED COMMUNICATIONS AND MULTIMEDIA SECURITY, 2002, 100 : 169 - 181
  • [2] Model-Based Risk Analysis and Evaluation Using CORAS and CVSS
    Wirtz, Roman
    Heisel, Maritta
    [J]. EVALUATION OF NOVEL APPROACHES TO SOFTWARE ENGINEERING, 2020, 1172 : 108 - 134
  • [3] A model-based approach to integrating security policies for embedded devices
    Department of Computer and Information Science, University of Pennsylvania, Philadelphia, PA 19147, United States
    [J]. Association for Computing Machinery, ACM, 1600, 211-219 (2004):
  • [4] Model-based security analysis in seven steps - a guided tour to the CORAS method
    den Braber, F.
    Hogganvik, I.
    Lund, M. S.
    Stolen, K.
    Vraalsen, F.
    [J]. BT TECHNOLOGY JOURNAL, 2007, 25 (01) : 101 - 117
  • [5] Integration of systems design and risk management through model-based systems development
    Uludag, Yildiz
    Evin, Ersin
    Gurbuz, Nazan Gozay
    [J]. SYSTEMS ENGINEERING, 2023, 26 (01) : 48 - 70
  • [6] A Model-Based Approach for Aviation Cyber Security Risk Assessment
    Kiesling, Tobias
    Niederl, Josef
    Ziegler, Juergen
    Krempel, Matias
    [J]. PROCEEDINGS OF 2016 11TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, (ARES 2016), 2016, : 517 - 525
  • [7] Model-Based Security Risk Analysis for Networked Embedded Systems
    Vasilevskaya, Maria
    Nadjm-Tehrani, Simin
    [J]. CRITICAL INFORMATION INFRASTRUCTURES SECURITY (CRITIS 2014), 2016, 8985 : 381 - 386
  • [8] Model-based risk assessment for cyber physical systems security
    Tantawy, Ashraf
    Abdelwahed, Sherif
    Erradi, Abdelkarim
    Shaban, Khaled
    [J]. COMPUTERS & SECURITY, 2020, 96
  • [9] Network Security Risk Assessment Model and Method Based on Situation Awareness and CORAS
    Qi, Yong
    Wang, Yan
    Li, Qianmu
    [J]. INSTRUMENTATION, MEASUREMENT, CIRCUITS AND SYSTEMS, 2012, 127 : 191 - 204
  • [10] Hierarchical model-based approach to systems health management
    Biswas, Gautam
    Mahadevan, Sankaran
    [J]. 2007 IEEE AEROSPACE CONFERENCE, VOLS 1-9, 2007, : 4182 - 4195