{"title":"知识丰富的安全和隐私威胁建模","authors":"Laurens Sion, Koen Yskout, D. Landuyt, W. Joosen","doi":"10.1145/3183440.3194975","DOIUrl":null,"url":null,"abstract":"Creating secure and privacy-protecting systems entails the simultaneous coordination of development activities along three different yet mutually influencing dimensions: translating (security and privacy) goals to design choices, analyzing the design for threats, and performing a risk analysis of these threats in light of the goals. These activities are often executed in isolation, and such a disconnect impedes the prioritization of elicited threats, assessment which threats are sufficiently mitigated, and decision-making in terms of which risks can be accepted. In the proposed TMaRA approach, we facilitate the simultaneous consideration of these dimensions by integrating support for threat modeling, risk analysis, and design decisions. Key risk assessment inputs are systematically modeled and threat modeling efforts are fed back into the risk management process. This enables prioritizing threats based on their estimated risk, thereby providing decision support in the mitigation, acceptance, or transferral of risk for the system under design.","PeriodicalId":121436,"journal":{"name":"Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings","volume":"97 3","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Knowledge-enriched security and privacy threat modeling\",\"authors\":\"Laurens Sion, Koen Yskout, D. Landuyt, W. Joosen\",\"doi\":\"10.1145/3183440.3194975\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Creating secure and privacy-protecting systems entails the simultaneous coordination of development activities along three different yet mutually influencing dimensions: translating (security and privacy) goals to design choices, analyzing the design for threats, and performing a risk analysis of these threats in light of the goals. These activities are often executed in isolation, and such a disconnect impedes the prioritization of elicited threats, assessment which threats are sufficiently mitigated, and decision-making in terms of which risks can be accepted. In the proposed TMaRA approach, we facilitate the simultaneous consideration of these dimensions by integrating support for threat modeling, risk analysis, and design decisions. Key risk assessment inputs are systematically modeled and threat modeling efforts are fed back into the risk management process. This enables prioritizing threats based on their estimated risk, thereby providing decision support in the mitigation, acceptance, or transferral of risk for the system under design.\",\"PeriodicalId\":121436,\"journal\":{\"name\":\"Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings\",\"volume\":\"97 3\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-05-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3183440.3194975\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3183440.3194975","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Knowledge-enriched security and privacy threat modeling
Creating secure and privacy-protecting systems entails the simultaneous coordination of development activities along three different yet mutually influencing dimensions: translating (security and privacy) goals to design choices, analyzing the design for threats, and performing a risk analysis of these threats in light of the goals. These activities are often executed in isolation, and such a disconnect impedes the prioritization of elicited threats, assessment which threats are sufficiently mitigated, and decision-making in terms of which risks can be accepted. In the proposed TMaRA approach, we facilitate the simultaneous consideration of these dimensions by integrating support for threat modeling, risk analysis, and design decisions. Key risk assessment inputs are systematically modeled and threat modeling efforts are fed back into the risk management process. This enables prioritizing threats based on their estimated risk, thereby providing decision support in the mitigation, acceptance, or transferral of risk for the system under design.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
