مرکز منطقه ای اطلاع رساني علوم و فناوري - Stakeholder Value Driven Threat Modeling for Off the Shelf Based Systems

DocumentCode :

464345

Title :

Stakeholder Value Driven Threat Modeling for Off the Shelf Based Systems

Author :

Yue Chen ; Boehm, B.W.

Author_Institution :

Center for Syst. & Software Eng., Univ. of Southern California, Los Angeles, CA

fYear :

2007

fDate :

20-26 May 2007

Firstpage :

Lastpage :

Abstract :

As the trend of the usage of third party commercial-off-the-shelf (COTS) and open source software continuously increases, COTS security has become a major concern for many organizations whose daily business extensively relies upon a healthy IT infrastructure. But, according to the 2006 CSI/FBI computer criminal survey, 47% of the surveyed organizations only spent no more than 2% of the IT budget in security. Often, competing with limited IT resources and the fast changing Internet threats, the ability to prioritize security vulnerabilities and address them efficiently has become a critical success factor for every security manager.

Keywords :

public domain software; security of data; software packages; COTS security; commercial-off-the-shelf based system; open source software; stakeholder value driven threat modeling; Availability; Business; Computer security; Data security; Databases; Information security; NIST; Open source software; Software engineering; Tree graphs;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Software Engineering - Companion, 2007. ICSE 2007 Companion. 29th International Conference on

Conference_Location :

Minneapolis, MN

Print_ISBN :

0-7695-2892-9

Type :

conf

DOI :

10.1109/ICSECOMPANION.2007.69

Filename :

4222695

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=464345