Challenges in Secure Software Evolution - The Role of Software Architecture
2016
Softwaretechnik-Trends
Approaches for maintaining security properties exist but fail to exploit the knowledge of the architectural design phase. This results in high effort and slow reactions on evolutionary changes. ...
In this paper, we describe five key challenges in maintaining security properties during software evolution and show how architecture supports mastering them. ...
) and German Research Foundation in the Priority Programme SPP 1593. ...
dblp:journals/stt/SeifermannTRH16
fatcat:jn2rtyxmcjachohutntne5b2su
Visual model-driven design, verification and implementation of security protocols
2012
2012 IEEE 14th International Symposium on High-Assurance Systems Engineering
[13] exploit the standard ports and protocols features of UML 2.0 to define executable security protocol models, from which executable code can be generated. ...
In this work, the ProVerif tool [5] is leveraged to formally prove the security properties of a protocol model. ...
doi:10.1109/hase.2012.23
dblp:conf/hase/CopetPPSV12
fatcat:cqkj3f2yyfdn5lufpof2hhgkqa
DoMAIns: Domain-based modeling for Ambient Intelligence
2012
Pervasive and Mobile Computing
Moving from first, sparse approaches, the research community is now tackling the design of next generation buildings and homes by applying well known, sound methodologies developed in the context of Software ...
These models must permit, on one side, to address interoperability issues by exploiting a shared environment abstraction that enables the development of technology-independent home intelligence. ...
Since the Bank Security Booth scenario is completely modeled by means of a formally verifiable representation, interfaces between different domains are automatically generated and they are implemented ...
doi:10.1016/j.pmcj.2011.10.009
fatcat:am3g5isbcrgb3khzl56h4u652u
Development of an Ontology to Assist the Modeling of Accident Scenarii "Application on Railroad Transport "
[article]
2012
arXiv
pre-print
After a detailed presentation of the state of the art material, this article presents the first results of the developed model. ...
This paper presents the contribution of ontology to modeling scenarii for rail accidents through a knowledge model based on a generic ontology and domain ontology. ...
In addition, the formalism adopted to represent these accident scenarii is limited to a purely technical aspect. ...
arXiv:1203.1021v1
fatcat:h5ucw7n66bghhpcqxrsli3srui
Formal Methods in Information Security
2015
INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY
paper describes the state of the art in the industrial use of formal methods in information security with a focus on verification of security protocols. ...
Formal methods use mathematical models for analysis and verification at any part of the program life-cycle. ...
a wider number of protocol developers to get advantage of formal methods for security protocols. ...
doi:10.24297/ijct.v14i4.1963
fatcat:s7ratzapovh6jgax26zbpsct2e
Ethereum's Smart Contracts Construction and Development using Model Driven Engineering Technologies: a Review
2021
Procedia Computer Science
The result can be used as a basis of tool selection for specific development aspects of SCs. ...
the implementation of security concepts. • Used technologies : exploited or extended ...
doi:10.1016/j.procs.2021.03.097
fatcat:5sz3pdgk3rdxtpvxgmriypcp34
Formal Analysis of Vulnerabilities of Web Applications Based on SQL Injection
[chapter]
2016
Lecture Notes in Computer Science
We present a formal approach for the analysis of attacks that exploit SQLi to violate security properties of web applications. ...
We give a formal representation of web applications and databases, and show that our formalization effectively exploits SQLi attacks. ...
The database We give a general formalization of a database that can be used in any specification to exploit SQLi when searching for security flaws in a web app. ...
doi:10.1007/978-3-319-46598-2_13
fatcat:ipbs4yafwzbupk5jeptqsuz4fq
DAG-based attack and defense modeling: Don't miss the forest for the attack trees
2014
Computer Science Review
Over the course of the last two decades, graphical modeling has attracted the attention of numerous security and formal methods experts. ...
Most of them extend the original model of threat logic trees in one or several dimensions which include defensive components, timed and ordered actions, dynamic aspects, and different types of quantification ...
General security modeling ...
Table 1: Table summarizing aspects taken into account in formalism description. ...
doi:10.1016/j.cosrev.2014.07.001
fatcat:aie7uxdorjclnb5ctgg5nrczqi
DAG-Based Attack and Defense Modeling: Don't Miss the Forest for the Attack Trees
[article]
2013
arXiv
pre-print
Methods based on threat trees and Bayesian networks are two well-known approaches to security modeling. ...
This consists of summarizing the existing methodologies, comparing their features and proposing a taxonomy of the described formalisms. ...
Acknowledgments The authors would like to thank Sjouke Mauw and Pieter Hartel for their comments on a preliminary version of this survey, which helped them to improve the paper. ...
arXiv:1303.7397v1
fatcat:fiebxymrd5dcnmnufddaoaqlaa
Building an Incident Management Body of Knowledge
2012
2012 Seventh International Conference on Availability, Reliability and Security
This paper describes the components of the CIMBOK and how they were constructed. ...
The CERT Incident Management Body of Knowledge (CIMBOK) was built using a systematic process that starts with a controlled vocabulary and evolves through taxonomies, static ontologies, dynamic ontologies ...
. • event: Any observable occurrence in a network or system. • zero-day exploit: An exploit that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known ...
doi:10.1109/ares.2012.83
dblp:conf/IEEEares/MundieR12
fatcat:x4m66ootrrfkbaietxd3xs2bua
Formal Specification and Enactment of Security Policies through Agent Coordination Contexts
2003
Electronic Notes in Theoretical Computer Science
Third, the general nonformalisability of complex systems should not prevent us from using formal tools whenever useful, such as in proving or ensuring properties of limited but meaningful portions of a ...
In particular, in this paper we study the syntax and semantics of a language for ACCs specification, exploiting typical process algebra techniques. ...
In particular, the ACC abstraction has been exploited in [23] to develop an extension of the TuCSoN infrastructure for agent coordination [24] towards security, showing how ACCs smoothly integrate ...
doi:10.1016/s1571-0661(04)80682-0
fatcat:3qns73o63vehvfdwjutfffw5ea
Developing a Human Activity Model for Insider IS Security Breaches Using Action Design Research
[chapter]
2016
IFIP Advances in Information and Communication Technology
In this paper we present a human activity model that captures different aspects of a security culture. The model elucidates the patterns of behavior in organizations. ...
However, whilst compliance with security policies and regulations is of great importance, the very structure of human activities that facilitates or hinders such compliance have seldom appeared in the ...
Finally, we formalize our learning and prepare a second iteration of the model, which would lead to the development of the beta version of the model. ...
doi:10.1007/978-3-319-33630-5_4
fatcat:lqaaeq3k5fe4jls7b7yjwfhsue
Building a formal model for hate detection in French corpora
2020
Procedia Computer Science
This paper investigates the development of a formal model in order to analyse online hate in French corpora. ...
Acknowledgements This document has been produced in the context of the FLYER project funded by the ASTRID research program. ...
doi:10.1016/j.procs.2020.09.299
fatcat:s6ubege5ojfslmqrrwxxbqd3vm
Measuring network security using dynamic bayesian network
2008
Proceedings of the 4th ACM workshop on Quality of protection - QoP '08
In this paper, we propose a Dynamic Bayesian Networks (DBNs)-based model to incorporate temporal factors, such as the availability of exploit codes or patches. ...
Our previous research explores the causal relationships between vulnerabilities encoded in an attack graph to model the overall security of a network, which includes a general framework [26], a real-valued ...
This material is based upon work supported by National Institute of Standards and Technology Computer Security Division; by Homeland Security Advanced Re- ...
doi:10.1145/1456362.1456368
dblp:conf/ccs/FrigaultWSJ08
fatcat:pxqqu3lymbhjpilaopnipnsmru
Modelling and Analysing Network Security Policies in a Given Vulnerability Setting
[chapter]
2006
Lecture Notes in Computer Science
Constraints on this graph are given by a model of the network security policy. The impact of changes to security policies can be computed and visualised by finding differences in the attack graphs. ...
A graph of all possible attack paths is automatically computed from the model of an ICT network, of vulnerabilities, exploits and an attacker strategy. ...
The modelling approach is described in Sect. 3, while Sect. 4 presents an exemplary analysis of network security policy adaptation aspects in a given scenario. ...
doi:10.1007/11962977_6
fatcat:fij2wsv5anapdcwb4kum2cq4dy