Internet Archive Scholar

Using model-based security analysis in component-oriented system development

Gyrd Brændeland, Ketil Stølen
2006 Proceedings of the 2nd ACM workshop on Quality of protection - QoP '06  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (627.1 kB)
https://web.archive.org/web/20170808154842/http://heim.ifi.uio.no/~ketils/kst/Articles/2006.QoP-ACM.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL. The file type is application/pdf.

We propose an integrated process for component-based system development and security risk analysis. The integrated process is evaluated in a case study involving an instant messaging component for smart phones. We specify the risk behaviour and functional behaviour of components using the same kinds of description techniques. We represent main security risk analysis concepts, such as assets, stakeholders, threats and risks, at the component level.
doi:10.1145/1179494.1179498 dblp:conf/ccs/BraendelandS06 fatcat:hehii7prfvbgjlnw7pn3rr2yju
Citation

Gyrd Brændeland, Ketil Stølen. "Using model-based security analysis in component-oriented system development." Proceedings of the 2nd ACM workshop on Quality of protection - QoP '06 (2006) 11-18