Experiences from Using the CORAS Methodology to Analyze a Web Application

During a field trial performed at the Norwegian telecom company NetCom from May 2003 to July 2003, a methodology for model-based risk analysis was assessed. The chosen methodology was the CORAS methodology (CORAS, 2000), which has been developed in a European research project carried out by 11 European companies and research institutes partly funded by the European Union. The risk analysis and assessment were carried out by the Norwegian research institute SINTEF in cooperation with NetCom. NetCom (www.netcom.no) is one of the main mobile phone network providers in Norway. Their ‘MinSide’ application offers their customers access to their personal account information via the Internet, enabling them to view and change the properties of their mobile phone subscription. ‘MinSide’ deals with a lot of sensitive customer information that needs to be secure, while at the same time being easily available to the customer in order for the service to remain usable and competitive. The goal of the analysis was to identify risks in relation to the use of the ‘MinSide’ application and, where possible, suggest treatments for these risks. This was achieved through two model-driven brainstorming sessions based on system documentation in the form of UML sequence diagrams and data flow diagrams.

Download Full-text

Experiences from Using the CORAS Methodology to Analyze a Web Application

Cases on Information Technology Series - Cases on Information Technology ◽

10.4018/978-1-59140-673-0.ch027 ◽

2011 ◽

pp. 483-501 ◽

Cited By ~ 2

Author(s):

Folker den Braber ◽

Arne Bjørn Mildal ◽

Jone Nes ◽

Ketil Stølen ◽

Fredrik Vraalsen

Keyword(s):

Risk Analysis ◽

Mobile Phone ◽

Web Application ◽

The European Union ◽

Sequence Diagrams ◽

Model Driven ◽

Customer Information ◽

Research Institutes ◽

Flow Diagrams ◽

Account Information

During a field trial performed at the Norwegian telecom company NetCom from May 2003 to July 2003, a methodology for model-based risk analysis was assessed. The chosen methodology was the CORAS methodology (CORAS, 2000), which has been developed in a European research project carried out by 11 European companies and research institutes partly funded by the European Union. The risk analysis and assessment were carried out by the Norwegian research institute SINTEF in cooperation with NetCom. NetCom (www.netcom.no) is one of the main mobile phone network providers in Norway. Their ‘MinSide’ application offers their customers access to their personal account information via the Internet, enabling them to view and change the properties of their mobile phone subscription. ‘MinSide’ deals with a lot of sensitive customer information that needs to be secure, while at the same time being easily available tithe customer in order for the service to remain usable and competitive. The goal of the analysis was to identify risks in relation to the use of the ‘MinSide’ application and, where possible, suggest treatments for these risks. This was achieved through two model-driven brainstorming sessions based on system documentation in the form of UML sequence diagrams and data flow diagrams.

Download Full-text

Experiences from Using the CORAS Methodology to Analyze a Web Application

Information Security and Ethics ◽

10.4018/978-1-59904-937-3.ch128 ◽

2008 ◽

pp. 1865-1883

Author(s):

Folker Braber ◽

Arne Mildal ◽

Jone Nes ◽

Ketil Stølen ◽

Fredrik Vraalsen

Keyword(s):

Risk Analysis ◽

Mobile Phone ◽

Web Application ◽

The European Union ◽

Sequence Diagrams ◽

Model Driven ◽

Customer Information ◽

Research Institutes ◽

Flow Diagrams ◽

Account Information

During a field trial performed at the Norwegian telecom company NetCom from May 2003 to July 2003, a methodology for model-based risk analysis was assessed. The chosen methodology was the CORAS methodology (CORAS, 2000), which has been developed in a European research project carried out by 11 European companies and research institutes partly funded by the European Union. The risk analysis and assessment were carried out by the Norwegian research institute SINTEF in cooperation with NetCom. NetCom (www.netcom.no) is one of the main mobile phone network providers in Norway. Their ‘MinSide’ application offers their customers access to their personal account information via the Internet, enabling them to view and change the properties of their mobile phone subscription. ‘MinSide’ deals with a lot of sensitive customer information that needs to be secure, while at the same time being easily available tithe customer in order for the service to remain usable and competitive. The goal of the analysis was to identify risks in relation to the use of the ‘MinSide’ application and, where possible, suggest treatments for these risks. This was achieved through two model-driven brainstorming sessions based on system documentation in the form of UML sequence diagrams and data flow diagrams.

Download Full-text

Graph-Based Visual Analytics Tools for Digital Humanities Research

10.51130/graphicon-2020-2-3-9 ◽

2020 ◽

pp. paper9-1-paper9-10

Author(s):

Konstantin Ryabinin ◽

Konstantin Belousov ◽

Svetlana Chuprina

Keyword(s):

Visual Analytics ◽

Web Application ◽

Digital Humanities ◽

Source Code ◽

Application Domain ◽

Model Driven ◽

Visual Model ◽

Flow Diagrams ◽

High Level ◽

Circular Graph

This paper is devoted to the development of the Web application for the visual analytics of the interconnected data within digital humanities research highly adaptable to the specifics of application domain and personal analytics preferences. The circular graph is proposed as a visual model to depict the interconnected data in a comprehensive way. The graph rendering software is organized according to the model-driven architecture utilizing ontology engineering methods and means, which ensure configuration flexibility and modification ease. The functioning scenarios of the application’s visualization component can be changed without its source code modifications, just by editing the under- lying ontology that describes data processing and rendering mechanisms. Extraction, transformation, loading and rendering of the data are con- figured in the intuitive way by data flow diagrams with the help of a high-level graphical editor. The described features are demonstrated on the real-world examples from the digital humanities application domain.

Download Full-text

Pest Risk Analysis (PRA) for the territories of the European Union (as PRA area) on Bursaphelenchus xylophilus and its vectors in the genus Monochamus

EPPO Bulletin ◽

10.1111/j.1365-2338.1996.tb00594.x ◽

1996 ◽

Vol 26 (2) ◽

pp. 199-249 ◽

Cited By ~ 130

Author(s):

H. F. EVANS ◽

D. G. McNAMARA ◽

H. BRAASCH ◽

J. CHADOEUF ◽

C. MAGNUSSON

Keyword(s):

European Union ◽

Risk Analysis ◽

Bursaphelenchus Xylophilus ◽

The European Union ◽

Pest Risk Analysis ◽

Pest Risk

Download Full-text

Model-Driven Approach to develop Rich Web Applications

CLEI electronic journal ◽

10.19153/cleiej.21.2.4 ◽

2018 ◽

Vol 21 (2) ◽

Cited By ~ 1

Author(s):

Guido Nuñez ◽

Daniel Bonhaure ◽

Magalí González ◽

Nathalie Aquino ◽

Luca Cernuzzi

Keyword(s):

Code Generation ◽

Web Application ◽

Web Applications ◽

Application Development ◽

Internet Applications ◽

Architecture Model ◽

Model Driven ◽

Rich Internet Applications ◽

Preliminary Validation ◽

Model Driven Approach

Many Web applications have among their features the possibility of distributing their data and their business logic between the client and the server, also allowing an asynchronous communication between them. These features, originally associated with the arrival of Rich Internet Applications (RIA), remain particularly relevant and desirable. In the area of RIA, there are few proposals that simultaneously consider these features, adopt Model-Driven Development (MDD), and use implementation technologies based on scripting. In this work, we start from MoWebA, an MDD approach to web application development, and we extend it by defining a specific architecture model with RIA functionalities, supporting the previously mentioned features. We have defined the necessary metamodels and UML profiles, as well as transformation rules that allow you to generate code based on HTML5, Javascript, jQuery, jQuery Datatables and jQuery UI. The preliminary validation of the proposal shows positive evidences regarding the effectiveness, efficiency and satisfaction of the users with respect to the modeling and code generation processes of the proposal.

Download Full-text

Approaches to Risk Analysis in the European Union

Industrial Safety Series - Risk assessment and management in the context of the seveso II directive ◽

10.1016/s0921-9110(98)80007-4 ◽

1998 ◽

pp. 3-26 ◽

Cited By ~ 1

Author(s):

Aniello Amendola

Keyword(s):

European Union ◽

Risk Analysis ◽

The European Union

Download Full-text

Model-Driven Approach for the Development of Web Application System

Foundations and Applications of Intelligent Systems - Advances in Intelligent Systems and Computing ◽

10.1007/978-3-642-37829-4_21 ◽

2013 ◽

pp. 257-264

Author(s):

Jinkui Hou

Keyword(s):

Web Application ◽

Application System ◽

Model Driven ◽

Web Application System ◽

Model Driven Approach

Download Full-text

E-Banking Security

Encyclopedia of Criminal Activities and the Deep Web ◽

10.4018/978-1-5225-9715-5.ch060 ◽

2020 ◽

pp. 893-904

Author(s):

Fabio Diniz Rossi ◽

Rumenigue Hohemberger ◽

Marcos Paulo Konzen ◽

Daniel Chaves Temp

Keyword(s):

Banking Industry ◽

Online Banking ◽

Security Measures ◽

Customer Information ◽

Economic Organizations ◽

Account Information ◽

Money Transfers

The online banking industry has overgrown in recent years and will continue to grow as economic organizations remain to encourage customers to handle online banking transactions such as money transfers, access to account information, or payment of monthly bills. During this period, internet criminals and fraudsters attempting to steal personal customer information hijacked online banking. This article proposes reviewing the ways by which fraudulent activities are performed and what banks are doing to prevent such activities, as well as the new security measures that banks are using to increase customer confidence. Therefore, the authors present the threats, challenges to address such threats, some trends, and future landscapes regarding online banking security.

Download Full-text