Asset-Centric Security Risk Assessment of Software Components

@inproceedings{Rauter2016AssetCentricSR,
  title={Asset-Centric Security Risk Assessment of Software Components},
  author={T. Rauter and Andrea H{\"o}ller and N. Kajtazovic and Christian Kreiner},
  booktitle={MILS@HiPEAC},
  year={2016}
}
Risk management is a crucial process for the development of secure systems. Valuable objects (assets) must be identified and protected. In order to prioritize the protection mechanisms, the values of assets need to be quantified. More valuable or exposed assets require more powerful protection. There are many risk assessment approaches that aim to provide a metric to generate this quantification for different domains. In software systems, these assets are reflected in resources (e.g., a file…
Asset-Oriented Threat Modeling
TLDR
A systematic asset identification process is proposed, which is based on a reference model, which structures and identifies relevant assets, facilitating the threat enumeration during brainstorming and improving existing threat modeling processes such as the Microsoft SDL one.
Software, Attacker and Asset-centric Approach for Improving Security in System Development Process
TLDR
The purpose of this research is to provide insight about the current issues and challenges faced by most of the software developers in terms of secure software development, and to investigate and contribute to this domain through this paper.
SPARTA: Security & Privacy Architecture Through Risk-Driven Threat Assessment
TLDR
The presented SPARTA prototype facilitates the consideration of security and privacy by providing support for capturing and continuously assessing the impact of security and privacy design decisions on the elicited threats; the progress towards securing the system can be assessed and alternatives can be compared, taking into account past and present design decisions.
Towards Security Threats that Matter
TLDR
This paper attempts to mitigate the problem by introducing a novel approach consisting of a risk-first, end-to-end asset analysis, with a particular focus on representing security assumptions and constraints about the solution space in the architectural threat analysis.
Solution-aware data flow diagrams for security threat modeling
TLDR
This paper enriches Data Flow Diagrams with security solution elements, which are taken into account during threat elicitation and are a key enabler for future efforts towards dynamic and continuous threat modeling.
A Pragmatic Assessment of Approaches and Paradigms in Software Risk Management Frameworks
Software risk management involves the process of prior recognition and the assessment of vulnerabilities with the classification approach so that the risk avoidance mechanism can be implemented. It…
Risk-Based Design Security Analysis
TLDR
The risk-based security analysis provides useful guidance on focusing security efforts on the most important problems first, and it is shown that the security measures implemented in SecureDrop indeed correspond to the high-risk threats identified by the integrated threat elicitation and risk analysis approach.
Knowledge-enriched security and privacy threat modeling
TLDR
This work facilitates the simultaneous consideration of these dimensions by integrating support for threat modeling, risk analysis, and design decisions, thereby prioritizing threats based on their estimated risk and providing decision support in the mitigation, acceptance, or transferral of risk for the system under design.
Poster: Knowledge-Enriched Security and Privacy Threat Modeling
TLDR
This work facilitates the simultaneous consideration of these dimensions by integrating support for threat modeling, risk analysis, and design decisions, thereby prioritizing threats based on their estimated risk and providing decision support in the mitigation, acceptance, or transferral of risk for the system under design.
Development and Production Processes for Secure Embedded Control Devices
TLDR
The aim here is to consider the entire product lifecycle and the consequences of security feature implementations for a single lifecycle stage on other stages, and discusses the security concept used to secure control devices in the operational stage and shows how these concepts result in additional requirements for the development and production stages.

References

SHOWING 1-10 OF 22 REFERENCES
Assets Dependencies Model in Information Security Risk Management
TLDR
This work proposes a method for inspecting asset dependencies, based on common security attributes - confidentiality, integrity and availability, which should bring more detailed outputs from the risk analysis and therefore make this process more objective.
SAHARA: A security-aware hazard and risk analysis method
TLDR
An approach to classify the probability of security threats is presented, which can be used to determine the appropriate number of countermeasures that need to be considered and how the safety-critical contributions of successful security attacks can be quantified and processed.
A Quantitative Risk Analysis Approach for Deliberate Threats
TLDR
A quantitative risk analysis approach for deliberate threats is introduced, which follows the steps suggested by the ISO 27005 standard for risk management, extending them in order to focus on deliberate threats and the different information security incidents that realize them.
QUIRC: A Quantitative Impact and Risk Assessment Framework for Cloud Security
TLDR
A quantitative risk and impact assessment framework (QUIRC) is presented, which enables stakeholders to comparatively assess the relative robustness of different cloud vendor offerings and approaches in a defensible manner.
Toward a threat model for storage systems
TLDR
This work discusses protection challenges unique to storage systems and proposes two different processes for creating a threat model for storage systems: one based on the classical security principles Confidentiality, Integrity, Availability, Authentication (CIAA) and another based on the Data Lifecycle Model.
The Common Vulnerability Scoring System (CVSS) and its Applicability to Federal Agency Systems
TLDR
The Common Vulnerability Scoring System enables IT managers, vulnerability bulletin providers, security vendors, application vendors and researchers to all benefit by adopting this common language of scoring IT vulnerabilities.
Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process
Abstract: This technical report introduces the next generation of the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methodology, OCTAVE Allegro. OCTAVE Allegro is a…
A framework for security requirements engineering
This paper presents a framework for security requirements elicitation and analysis, based upon the construction of a context for the system and satisfaction arguments for the security of the system.
The IS risk analysis based on a business model
TLDR
This study presents an IS risk analysis method based on a business model that uses a systematic quantitative approach dealing with operational continuity and adds the first stage, organizational investigation, to traditional risk analysis.
Threat Modeling as a Basis for Security Requirements
We routinely hear vendors claim that their systems are "secure." However, without knowing what assumptions are made by the vendor, it is hard to justify such a claim. Prior to claiming the security…