Threat scenario-based security risk analysis using use case modeling in information systems
- Authors
- Kim, Young-Gab; Cha, Sungdeok
- Issue Date
- 3월-2012
- Publisher
- WILEY-HINDAWI
- Keywords
- security risk analysis; qualitative risk analysis; scenario method; use case modeling; Broadband convergence Network (BcN)
- Citation
- SECURITY AND COMMUNICATION NETWORKS, v.5, no.3, pp.293 - 300
- Indexed
- SCIE
SCOPUS
- Journal Title
- SECURITY AND COMMUNICATION NETWORKS
- Volume
- 5
- Number
- 3
- Start Page
- 293
- End Page
- 300
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/105352
- DOI
- 10.1002/sec.321
- ISSN
- 1939-0114
- Abstract
- Successful Security Risk Analysis (SRA) enables us to develop a secure information management system and provides valuable analysis data for future risk estimation. One of the qualitative techniques for SRA is the scenario method. This provides a framework for our explorations that raises our awareness and appreciation of uncertainty. However, the existing scenario methods are too abstract to be applicable to some situations and have not been formalized in information systems (ISs) because they do not explicitly define artifacts or have any standard notation. Therefore, this paper proposes the improved scenario-based SRA approach, which can create SRA reports using threat scenario templates and manage security risk directly in ISs. Furthermore, in order to show how to apply the proposed method in a specific environment, especially in a Broadband convergence Network (BcN) environment, a case study is presented. Copyright (C) 2011 John Wiley & Sons, Ltd.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - Graduate School > Department of Computer Science and Engineering > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.