Stakeholder Value Driven Threat Modeling for Off the Shelf Based Systems

14 years 11 months ago

Download csse.usc.edu

er abstract summarizes the Threat Modeling method based on Attacking Path Analysis (T-MAP) which quantifies and prioritizes security threats by calculating the total severity weights of relevant attacking paths for Commercial Off The Shelf (COTS) based systems. Compared to existing approaches, T-MAP is dynamic and sensitive to system stakeholder value priorities and IT environment. It distills the technical details of thousands of relevant software vulnerabilities into management-friendly numbers at a high-level. In its initial usage in a large IT organization, T-MAP has demonstrated significant strength in COTS vulnerability prioritizing and estimating security investment effectiveness, as well as COTS security assessment in early project life-cycle. Furthermore, a software tool has been developed to automate the T-MAP.

Yue Chen

Real-time Traffic

COTS Security Assessment | COTS Vulnerability | ICSE 2007 | Relevant Attacking Paths | Software Engineering |

claim paper

Post Info
More Details (n/a)

Added	09 Dec 2009
Updated	09 Dec 2009
Type	Conference
Year	2007
Where	ICSE
Authors	Yue Chen

Comments (0)

Sciweavers

Stakeholder Value Driven Threat Modeling for Off the Shelf Based Systems

COTS Security Assessment | COTS Vulnerability | ICSE 2007 | Relevant Attacking Paths | Software Engineering |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers