Paper

Authors: Gencer Erdogan 1 ; Ketil Stølen 1 and Jan Øyvind Aagedal 2

Affiliations: 1 SINTEF ICT and University of Oslo, Norway ; 2 Equatex, Norway

ISBN: 978-989-758-167-0

Keyword(s): Case Study, Security Testing, Risk Assessment.

Related Ontology Subjects/Areas/Topics: Computer-Supported Education ; Enterprise Information Systems ; Information Systems Analysis and Specification ; Information Technologies Supporting Learning ; Security ; Security and Privacy

Abstract: The CORAL approach is a model-based method to security testing employing risk assessment to help security testers select and design test cases based on the available risk picture. In this paper we present experiences from using CORAL in an industrial case. The results indicate that CORAL supports security testers in producing risk models that are valid and threat scenarios that are directly testable. This, in turn, helps testers to select and design test cases according to the most severe security risks posed on the system under test.

Paper citation in several formats:
Erdogan G., Stølen K. and Aagedal J. (2016). Evaluation of the CORAL Approach for Risk-driven Security Testing based on an Industrial Case Study. In Proceedings of the 2nd International Conference on Information Systems Security and Privacy ISBN 978-989-758-167-0, pages 219-226. DOI: 10.5220/0005650902190226

@conference{icissp16,
author={Gencer Erdogan and Ketil Stølen and Jan Øyvind Aagedal},
title={Evaluation of the CORAL Approach for Risk-driven Security Testing based on an Industrial Case Study},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy},
year={2016},
pages={219-226},
doi={10.5220/0005650902190226},
isbn={978-989-758-167-0},
}

TY - CONF

JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy
TI - Evaluation of the CORAL Approach for Risk-driven Security Testing based on an Industrial Case Study
SN - 978-989-758-167-0
AU - Erdogan G.
AU - Stølen K.
AU - Aagedal J.
PY - 2016
SP - 219
EP - 226
DO - 10.5220/0005650902190226
