MP-RA: Towards a Model-Driven and Pattern-Based Risk Analysis of e-Service Fraud

2018 ◽  
pp. 172-180 ◽  
Author(s):  
Ahmed Seid Yesuf
Keyword(s):  
Risk Analysis ◽  
Model Driven

Model-Driven Risk Analysis

2011 ◽  
Author(s):  
Mass Soldal Lund ◽  
Bjørnar Solhaug ◽  
Ketil Stølen
Keyword(s):  
Risk Analysis ◽  
Model Driven

Model-driven Risk Analysis for the Design of Safe Collaborative Robotic Applications

2020 ◽  
Author(s):  
Mehrnoosh Askarpour ◽  
Livia Lestingi ◽  
Federico Buran ◽  
Matteo Rossi ◽  
Federico Vicentini
Keyword(s):  
Risk Analysis ◽  
Model Driven ◽  
Robotic Applications

Experiences from Using the CORAS Methodology to Analyze a Web Application

2011 ◽  
pp. 483-501 ◽  
Author(s):  
Folker den Braber ◽  
Arne Bjørn Mildal ◽  
Jone Nes ◽  
Ketil Stølen ◽  
Fredrik Vraalsen
Keyword(s):  
Risk Analysis ◽  
Mobile Phone ◽  
Web Application ◽  
The European Union ◽  
Sequence Diagrams ◽  
Model Driven ◽  
Customer Information ◽  
Research Institutes ◽  
Flow Diagrams ◽  
Account Information

During a field trial performed at the Norwegian telecom company NetCom from May 2003 to July 2003, a methodology for model-based risk analysis was assessed. The chosen methodology was the CORAS methodology (CORAS, 2000), which has been developed in a European research project carried out by 11 European companies and research institutes partly funded by the European Union. The risk analysis and assessment were carried out by the Norwegian research institute SINTEF in cooperation with NetCom. NetCom (www.netcom.no) is one of the main mobile phone network providers in Norway. Their ‘MinSide’ application offers their customers access to their personal account information via the Internet, enabling them to view and change the properties of their mobile phone subscription. ‘MinSide’ deals with a lot of sensitive customer information that needs to be secure, while at the same time being easily available tithe customer in order for the service to remain usable and competitive. The goal of the analysis was to identify risks in relation to the use of the ‘MinSide’ application and, where possible, suggest treatments for these risks. This was achieved through two model-driven brainstorming sessions based on system documentation in the form of UML sequence diagrams and data flow diagrams.

scholarly journals Model-driven architectural risk analysis using architectural and contextualised attack patterns

2012 ◽  
Author(s):  
Shamal Faily ◽  
John Lyle ◽  
Cornelius Namiluko ◽  
Andrea Atzeni ◽  
Cesare Cameroni
Keyword(s):  
Risk Analysis ◽  
Model Driven ◽  
Attack Patterns

scholarly journals Using Model-Driven Risk Analysis in Component-Based Development

2012 ◽  
pp. 330-380 ◽  
Author(s):  
Gyrd Brændeland ◽  
Ketil Stølen
Keyword(s):  
Risk Analysis ◽  
Development Process ◽  
System Development ◽  
Component Composition ◽  
Modular System ◽  
Analysis Method ◽  
Model Driven ◽  
Model Based ◽  
Component Based Development ◽  
Analysis Methods

Modular system development causes challenges for security and safety as upgraded sub-components may interact with the system in unforeseen ways. Due to their lack of modularity, conventional risk analysis methods are poorly suited to address these challenges. We propose to adjust an existing method for model-based risk analysis into a method for component-based risk analysis. We also propose a stepwise integration of the component-based risk analysis method into a component-based development process. By using the same kinds of description techniques to specify functional behaviour and risks, we may achieve upgrading of risk analysis documentation as an integrated part of component composition and refinement.

Experiences from Using the CORAS Methodology to Analyze a Web Application

2008 ◽  
pp. 1865-1883
Author(s):  
Folker Braber ◽  
Arne Mildal ◽  
Jone Nes ◽  
Ketil Stølen ◽  
Fredrik Vraalsen
Keyword(s):  
Risk Analysis ◽  
Mobile Phone ◽  
Web Application ◽  
The European Union ◽  
Sequence Diagrams ◽  
Model Driven ◽  
Customer Information ◽  
Research Institutes ◽  
Flow Diagrams ◽  
Account Information

During a field trial performed at the Norwegian telecom company NetCom from May 2003 to July 2003, a methodology for model-based risk analysis was assessed. The chosen methodology was the CORAS methodology (CORAS, 2000), which has been developed in a European research project carried out by 11 European companies and research institutes partly funded by the European Union. The risk analysis and assessment were carried out by the Norwegian research institute SINTEF in cooperation with NetCom. NetCom (www.netcom.no) is one of the main mobile phone network providers in Norway. Their ‘MinSide’ application offers their customers access to their personal account information via the Internet, enabling them to view and change the properties of their mobile phone subscription. ‘MinSide’ deals with a lot of sensitive customer information that needs to be secure, while at the same time being easily available tithe customer in order for the service to remain usable and competitive. The goal of the analysis was to identify risks in relation to the use of the ‘MinSide’ application and, where possible, suggest treatments for these risks. This was achieved through two model-driven brainstorming sessions based on system documentation in the form of UML sequence diagrams and data flow diagrams.

Experiences from Using the CORAS Methodology to Analyze a Web Application

2006 ◽  
pp. 100-121
Author(s):  
Folker den Braber ◽  
Arne Bjørn Mildal ◽  
Jone Nes ◽  
Ketil Stølen ◽  
Fredrik Vraalsen
Keyword(s):  
Risk Analysis ◽  
Mobile Phone ◽  
Web Application ◽  
The European Union ◽  
Sequence Diagrams ◽  
Model Driven ◽  
Customer Information ◽  
Research Institutes ◽  
Flow Diagrams ◽  
Account Information

During a field trial performed at the Norwegian telecom company NetCom from May 2003 to July 2003, a methodology for model-based risk analysis was assessed. The chosen methodology was the CORAS methodology (CORAS, 2000), which has been developed in a European research project carried out by 11 European companies and research institutes partly funded by the European Union. The risk analysis and assessment were carried out by the Norwegian research institute SINTEF in cooperation with NetCom. NetCom (www.netcom.no) is one of the main mobile phone network providers in Norway. Their ‘MinSide’ application offers their customers access to their personal account information via the Internet, enabling them to view and change the properties of their mobile phone subscription. ‘MinSide’ deals with a lot of sensitive customer information that needs to be secure, while at the same time being easily available to the customer in order for the service to remain usable and competitive. The goal of the analysis was to identify risks in relation to the use of the ‘MinSide’ application and, where possible, suggest treatments for these risks. This was achieved through two model-driven brainstorming sessions based on system documentation in the form of UML sequence diagrams and data flow diagrams.

Sign in / Sign up

Export Citation Format

Share Document