liu.seSök publikationer i DiVA
Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Unified modeling of attacks, vulnerabilities and security activities
Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
2010 (Engelska)Ingår i: Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems, New York, USA: ACM , 2010, s. 36-42Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Security is becoming recognized as an important aspect of software development, leading to the development of many different security-enhancing techniques, many of which use some kind of custom modeling language. Models in these different languages cannot readily be related to each other, which is an obstacle to using several techniques together. The sheer number of languages is, in itself, also an obstacle to adoption by developers.

In this paper we present a modeling language that can be used in place of four existing modeling languages: attacktrees, vulnerability cause graphs, security activity graphs, and security goal indicator trees. Models in our language can be more precise than earlier models, which allows them to be used in automated applications, such as automatic testing and static analysis. Models in the new language can be derived automatically from models in the existing languages, and can be viewed using existing notation.

Our modeling language exploits a data model, also presented in this paper, that permits rich interconnections between various items of security knowledge. In this data model it is straightforward to relate different kinds of models, and thereby different software security techniques, to each other.

Ort, förlag, år, upplaga, sidor
New York, USA: ACM , 2010. s. 36-42
Nationell ämneskategori
Programvaruteknik
Identifikatorer
URN: urn:nbn:se:liu:diva-56576DOI: 10.1145/1809100.1809106ISBN: 978-1-60558-965-7 (tryckt)OAI: oai:DiVA.org:liu-56576DiVA, id: diva2:320414
Konferens
2010 ICSE Workshop on Software Engineering for Secure Systems
Tillgänglig från: 2010-05-25 Skapad: 2010-05-25 Senast uppdaterad: 2018-01-12

Open Access i DiVA

Fulltext saknas i DiVA

Övriga länkar

Förlagets fulltext

Personposter BETA

Byers, DavidShahmehri, Nahid

Sök vidare i DiVA

Av författaren/redaktören
Byers, DavidShahmehri, Nahid
Av organisationen
Tekniska högskolanDatabas och informationsteknik
Programvaruteknik

Sök vidare utanför DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetricpoäng

doi
isbn
urn-nbn
Totalt: 198 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf