Avoidance and discovery of security vulnerabilities in information systems requires awareness of typical risks and a good understanding of vulnerabilities and their exploitations....
– The difficulty in managing security threats and vulnerabilities for small and medium-sized enterprises (SME) is investigated. A detailed conceptual framework for asset and thre...
Telephony over IP is exposed to multiple security threats. Conventional protection mechanisms do not fit into the highly dynamic, open and large-scale settings of VoIP infrastructu...
The paper makes two main contributions: (1) It presents experiences from using the CORAS language for security threat modelling to specify legal risk scenarios. These experiences a...
Fredrik Vraalsen, Mass Soldal Lund, Tobias Mahler,...
Recent works on Internet risk management have proposed the idea of cyber-insurance to eliminate risks due to security threats, which cannot be tackled through traditional means suc...