Sciweavers

MKWI
2008

Towards Automated Risk Identification in Service-Oriented Architectures

14 years 1 months ago
Towards Automated Risk Identification in Service-Oriented Architectures
: IT risk management is an important challenge for businesses and software vulnerabilities are a major source of IT risks, as the 2006 CSI/FBI Computer Crime and Security Survey [GLLR06] demonstrates. According to the survey, many companies consider it important to quantify the losses attacks against their IT systems cause but are unable to do so. In service-oriented architectures, we see a promising option of identifying the risk impact a software vulnerability has on the confidentiality, integrity, and availability of business processes. Instead of performing this identification manually, which is a time-consuming task, we present an approach of identifying the risk impact in a highly automated manner, and report on our ongoing work in this area.
Lutz Lowis
Added 29 Oct 2010
Updated 29 Oct 2010
Type Conference
Year 2008
Where MKWI
Authors Lutz Lowis
Comments (0)