NDLI: Threat-driven modeling framework for secure software using aspect-oriented Stochastic Petri nets

Please wait, while we are loading the content...

Threat-driven modeling framework for secure software using aspect-oriented Stochastic Petri nets

Content Provider	Semantic Scholar
Author	Sherief, Nada H. Abdel-Hamid, Ayman Mahar, Khaled M.
Copyright Year	2010
Abstract	Design-level vulnerabilities are a main source of security risks in software. To improve the reliability of software design, this paper presents a modified threat-driven modeling framework, to determine which threats require mitigation and how to mitigate the threats. To specify the functions and threat mitigations of a security design as a whole, aspect-oriented Stochastic Petri nets are used as a formal amplified model. Moreover, this paper proposes an adapted augmented approach to define software security metrics based on vulnerabilities included in the software systems and their impacts on software quality. The Common Vulnerability Scoring System (CVSS), a vulnerability scoring system designed to provide a standardized method for rating software vulnerabilities, is used as the basis in the metric definition and calculations. Furthermore, a case study is detailed, which shows the essence and feasibility of using aspect-oriented stochastic Petri net models for threat modeling and that the proposed security metrics are consistent with common practice.
Starting Page	1
Ending Page	8
Page Count	8
File Format	PDF HTM / HTML
Alternate Webpage(s)	http://www.aast.edu/pheed/staffadminview/getPDF.php?addcon=1&language_id=1')&research_id=1&ser=64075
Journal	2010 The 7th International Conference on Informatics and Systems (INFOS)
Language	English
Access Restriction	Open
Content Type	Text
Resource Type	Article

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in