ePubs
The open archive for STFC research publications
Full Record Details
Persistent URL
http://purl.org/net/epubs/work/36960
Record Status
Checked
Record Id
36960
Title
Security Risk Mitigation for Information Systems
Contributors
V Page (Kingston University), M Dixon (London Metropolitan University), I Choudhury (London Metropolitan University)
Abstract
Security risk mitigation is a salient issue in systems development research. This paper introduces a lightweight approach to security risk mitigation, that can be used within an Agile Development framework, the Security Obstacle Mitigation Model (SOMM). The SOMM uses the concept of Trust Assumptions to derive obstacles and the concept of Misuse Cases to model the obstacles. A synthetic scenario, based on an on-line system, shows how the SOMM is used to anticipate malicious behaviour with respect to an operational Information System and to document a priori how this malicious behaviour should be mitigated. Since the SOMM is conceptually simple in deployment, its use is well within the capacities of the users who form part of an Agile Development team and crucially it should not take up a significant amount of development time.
Organisation
CCLRC, ESC
Keywords
Engineering, Security risk mitigation, Obstacle analysis, Misuse case, Mitigation case
Funding Information
Related Research Object(s):
Licence Information:
Language
English (EN)
Type
Journal Article
Details
BT Technol J 25, no. 1 (2007): 118-127.
URI(s)
doi:10.1007/s10550-007-0014-8
Local file(s)
BTTJ_25_2007p118.pdf
Year
2007