Using Aspects to Manage Security Risks in Risk-Driven Development
نویسندگان
چکیده
The EU IST-project CORAS has developed an integrated risk management and system development process for security-critical systems based on AS/NZS 4360, RUP, and RM–ODP. The approach presented in this paper is based on the concepts of risk-driven development and extends the CORAS framework by using aspects to specify security risk treatment options. This enhances the evaluation of the treatment options since aspects models are decoupled from the primary model. The result is an aspect-oriented risk-driven development approach, in which security requirements or security risks may be identified in each phase of the development. The treatments that addresses these requirements or security risks are specified and implemented as aspects. Using aspects makes it easier to develop and evaluate security treatments options and to evolve the treatments.
منابع مشابه
Development of a Generic Risk Matrix to Manage Project Risks
A generic risk matrix is presented for use identifying and assessing project risks quickly and cost effectively. It assists project managers with few resources to perform project risk analysis. The generic risk matrix (GRM) contains a broad set of risks that are categorized and ranked according to their potential impact and probability of occurrence. The matrix assists PMs in quickly identifyin...
متن کاملRisk management in medical product development process using traditional FMEA and fuzzy linguistic approach: a case study
Medical product development (MPD) process is highly multidisciplinary in nature, which increases the complexity and the associated risks. Managing the risks during MPD process is very crucial. The objective of this research is to explore risks during MPD in a dental product manufacturing company and propose a model for risk mitigation during MPD process to minimize failure events. A case study ...
متن کاملRisk Analysis and Strategy of Rice Farmers in Swampland in the Face of Climate Change Impact (Case in South Kalimantan Province-Indonesia)
The impact of climate change does not only affect the production aspects but also on household income and other socioeconomic aspects. The research aims to determine the household economic behaviors of rice farmers in decision-making with relation to the production risks due to climate change and determine the farmer’s adaptation strategies in the face of climate change. The approach taken is t...
متن کاملNew Product Development Risk Assessment in the Core Banking Using FMEA Combined with COPRAS Method and Grey Relations
The present study tries to investigate the existing risks in the new product development process in the core banking field. Due to its use after production, new product development with the fewest errors and risks is always the subject of discussion and investigation among the researchers of this field. This study aims to investigate the most important risks existing in the new product developm...
متن کاملRisk management in the sphere of state economic security provision using professional liability insurance
This study contains a comprehensive scientific analysis of modern problems of risk management in the sphere of state economic security provision using professional liability insurance. The elements of the mechanism for providing economic security are defined, namely: subjects, objects, and instruments of influence. It is stipulated that insurance is the means to provide state economic security....
متن کامل