A System for Managing Security Knowledge using Case Based Reasoning and Misuse Cases

نویسندگان

  • Corrado Aaron Visaggio
  • Francesca de Rosa
چکیده

Making secure a software system is a very critical purpose, especially because it is very hard to consolidate an exhaustive body of knowledge about security risks and related countermeasures. To define a technological infrastructure for exploiting this knowledge poses many challenges. This paper introduces a system to capture, share and reuse software security knowledge within a Software Organization. The system collects knowledge in the form of misuse cases and makes use of Case Based Reasoning for implementing knowledge management processes.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

INTEGRATING CASE-BASED REASONING, KNOWLEDGE-BASED APPROACH AND TSP ALGORITHM FOR MINIMUM TOUR FINDING

Imagine you have traveled to an unfamiliar city. Before you start your daily tour around the city, you need to know a good route. In Network Theory (NT), this is the traveling salesman problem (TSP). A dynamic programming algorithm is often used for solving this problem. However, when the road network of the city is very complicated and dense, which is usually the case, it will take too long fo...

متن کامل

Quantitative evaluation of software security: an approach based on UML/SecAM and evidence theory

Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...

متن کامل

A Novel Approach for Security Testing of Client Server Based Applications using Misuse Deployment Diagrams, Misuse Cases and Threat Trees

Security testing is one of the most important security practices today. To secure an application it’s important to go for a security testing phase during the development life cycle. Many useful enhancements are done using UML diagrams to model security like Misuse cases, Mis-sequence diagrams and Misuse deployment diagrams etc. Misuse deployment diagrams can be used to model a client server env...

متن کامل

A Fuzzy Expert System for Diagnosis of Acute Lymphocytic Leukemia in Children

Fuzzy expert systems are one of the most practical intelligent models with the high potential for managing uncertainty associated to the medical diagnosis. In this paper, a fuzzy inference system (FIS) for diagnosing of acute lymphocytic leukemia in children has been introduced. The fuzzy expert system applies Mamdani reasoning model that has high interpretability to explain system results to e...

متن کامل

A Fuzzy Expert System for Diagnosis of Acute Lymphocytic Leukemia in Children

Fuzzy expert systems are one of the most practical intelligent models with the high potential for managing uncertainty associated to the medical diagnosis. In this paper, a fuzzy inference system (FIS) for diagnosing of acute lymphocytic leukemia in children has been introduced. The fuzzy expert system applies Mamdani reasoning model that has high interpretability to explain system results to e...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • J. UCS

دوره 15  شماره 

صفحات  -

تاریخ انتشار 2009