A threat risk modeling framework for Geospatial Weather Information System (GWIS) a DREAD based study
نویسندگان
چکیده
Over the years, the focus has been on protecting network, host, database and standard applications from internal and external threats. The Rapid Application Development (RAD) process makes the web application extremely short and makes it difficult to eliminate the vulnerabilities. Here we study web application risk assessment technique called threat risk modeling to improve the security of the application. We implement our proposed mechanism the application risk assessment using Microsoft’s threat risk DREAD model to evaluate the application security risk against vulnerability parameters. The study led to quantifying different levels of risk for Geospatial Weather Information System (GWIS) using DREAD model. Keywords— Rapid Application Development, Risk rating, Security assessment.
منابع مشابه
Developing a Model Based on Geospatial Information Systems (GIS) and Adaptive Neuro-Fuzzy Inference Systems (ANFIS) for Providing the Spatial Distribution Map of Landslide Risk. Case Study: Alborz Province
Landslide is one of these natural hazards which causes a great amount of financial and human damage annually allover the world. Accordingly, identification of areas with landslide threat for implementation of preventive measures in order to confront against the instability of hillsides for reduction of potential threats and related risks is very important. In this research a new method for clas...
متن کاملConvective Weather Detection by General Aviation Pilots with Conventional and Data-linked Graphical Weather Information Sources
This study compares how well general aviation (GA) pilots detect convective weather in flight with different weather information sources. A flight test was conducted in which GA pilot test subjects were given different in-flight weather information cues and flown toward convective weather of moderate or greater intensity. The test subjects were not actually flying the aircraft, but were given p...
متن کاملFuzzy Logic Approach for Threat Prioritization in Agile Security Framework using DREAD Model
For a qualitative system sound security practices must be a crucial part throughout the entire software lifecycle. Furthermore, agile software development has paved the way for overcoming the problems faced by developers during traditional development process. In the given paper we are using an Agile Security Framework that is compatible with practices of agile processes and inherit in it the b...
متن کاملAn Authorization Framework for Database Systems
Today, data plays an essential role in all levels of human life, from personal cell phones to medical, educational, military and government agencies. In such circumstances, the rate of cyber-attacks is also increasing. According to official reports, data breaches exposed 4.1 billion records in the first half of 2019. An information system consists of several components, which one of the most im...
متن کاملForest Fire Potential Modeling and Simulation of its Extension Using Remote Sensing Data and GIS: (A Protected Area of Arasbaran)
Forest fire models are generally used in different aspects of fire management and are helpful in understanding and prediction of fire behavior. Forest fires cause a significant damage for public property by destroying a large tract of forest. This helps fire fighters to focus on an area with greater risk and to develop better substructure for fire fighter training and ultimately to plan fire-f...
متن کامل