Title :
A Socio-technical Framework for Threat Modeling a Software Supply Chain
Author :
Al Sabbagh, Bilal ; Kowalski, Stewart
Abstract :
A new framework performs security threat modeling for a global software supply chain. The threat modeling is based on a case study from the Swedish Armed Forces. After a review of current practices and theories for threat modeling of a software supply chain, the authors suggest a socio-technical framework for studying the software supply chain security problem from a systemic viewpoint. The framework addresses issues of modeling the target system, identifying threats, and analyzing countermeasures.
Keywords :
security of data; supply chains; global software supply chain; security threat modeling; socio-technical framework; software supply chain security problem; Computer security; Operating systems; Security; Social implications of technology; Supply chain management; security; social-technical approach; sociotechnical framework; software supply chain; threat modeling
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2015.72