Resolving Vulnerability Identification Errors using Security Requirements on Business Process Models
ثبت نشده
چکیده
Purpose In any information security risk assessment, vulnerabilities are usually identified by information-gathering techniques. However, vulnerability identification errors wrongly identified or unidentified vulnerabilities can occur as uncertain data are used. Furthermore, businesses’ security needs are not considered sufficiently. Hence, security functions may not protect business assets sufficiently and cost-effectively.
منابع مشابه
Resolving vulnerability identification errors using security requirements on business process models
Purpose – In any information security risk assessment, vulnerabilities are usually identified by information-gathering techniques. However, vulnerability identification errors – wrongly identified or unidentified vulnerabilities – can occur as uncertain data are used. Furthermore, businesses’ security needs are not considered sufficiently. Hence, security functions may not protect business asse...
متن کاملIT Security Risk Analysis based on Business Process Models enhanced with Security Requirements
Traditional risk analysis approaches are based on events, probabilities and impacts. They are complex, time-consuming, and costly, and have limitations regarding the data and assessment quality: First, security events have to be identified often without much methodological guidance, making the process prone to errors and omissions. Second, concrete probability values for these events usually ha...
متن کاملDynamic fragmentation and query translation based security framework for distributed databases
The existing security models for distributed databases suffer from several drawbacks viz. tight coupling with the choice of database; lack of dynamism, granularity and flexibility; non scalability and vulnerability to intrusion attacks. There is a lack of an integrated flexible and interoperable security framework that can dynamically control access to table, row, column and field level data en...
متن کاملExploring the automatic identification and resolution of software vulnerabilities in grid-based environments
Security breaches occur due to system vulnerabilities with numerous reasons including; erroneous design (human errors), management or implementation errors. Vulnerabilities are the weaknesses that allow an attacker to violate the integrity of a system. To address this, system administrators and security professionals typically employ tools to determine the existence of vulerabilities. Security ...
متن کاملApplication of the Enterprise Model Frame for Security Requirements and Control Identification
It is generally accepted that security requirements have to be identified as early as possible to avoid later rework in the systems development process. However, in practice quite often security aspects are considered either at the later stages of development cycles (increments in agile projects) or addressed only when problems arise. One of the reasons for difficulties of early detection of se...
متن کامل