loading
Papers

Research.Publish.Connect.

Paper

Authors: Andreas Schaad and Tobias Reski

Affiliation: Department of Media and Information, University of Applied Sciences Offenburg, Badstraße 24, 77652 Offenburg and Germany

ISBN: 978-989-758-378-0

Keyword(s): Threat Analysis, Architecture, Security, Risk Assessment.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Secure Software Development Methodologies ; Security Engineering ; Security in Information Systems ; Security Requirements ; Software Security

Abstract: The development of secure software systems is of ever-increasing importance. While software companies often invest large amounts of resources into the upkeeping and general security properties of large-scale applications when in production, they appear to neglect utilizing threat modeling in the earlier stages of the software development lifecycle. When applied during the design phase of development, and continuously throughout development iterations, threat modeling can help to establish a “Secure by Design” approach. This approach allows issues relating to IT security to be found early during development, reducing the need for later improvement – and thus saving resources in the long term. In this paper the current state of threat modeling is investigated. This investigation drove the derivation of requirements for the development of a new threat modelling framework and tool, called OVVL. OVVL utilizes concepts of established threat modeling methodologies, as well as functionality n ot available in existing solutions. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.214.184.124

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Schaad, A. and Reski, T. (2019). “Open Weakness and Vulnerability Modeler” (OVVL): An Updated Approach to Threat Modeling.In Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT, ISBN 978-989-758-378-0, pages 417-424. DOI: 10.5220/0007919004170424

@conference{secrypt19,
author={Andreas Schaad. and Tobias Reski.},
title={“Open Weakness and Vulnerability Modeler” (OVVL): An Updated Approach to Threat Modeling},
booktitle={Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT,},
year={2019},
pages={417-424},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007919004170424},
isbn={978-989-758-378-0},
}

TY - CONF

JO - Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT,
TI - “Open Weakness and Vulnerability Modeler” (OVVL): An Updated Approach to Threat Modeling
SN - 978-989-758-378-0
AU - Schaad, A.
AU - Reski, T.
PY - 2019
SP - 417
EP - 424
DO - 10.5220/0007919004170424

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.