FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W3109195496> ?p ?o ?g. }

• W3109195496 abstract "Context: Security is a growing concern in many organizations. Industries developing software systems plan for security early-on to minimize expensive code refactorings after deployment. In the design phase, teams of experts routinely analyze the system architecture and design to find potential security threats and flaws. After the system is implemented, the source code is often inspected to determine its compliance with the intended functionalities. Objective: The goal of this thesis is to improve on the performance of security design analysis techniques (in the design and implementation phases) and support practitioners with automation and tool support. Method: We conducted empirical studies for building an in-depth understanding of existing threat analysis techniques (Systematic Literature Review, controlled experiments). We also conducted empirical case studies with industrial participants to validate our attempt at improving the performance of one technique. Further, we validated our proposal for automating the inspection of security design flaws by organizing workshops with participants (under controlled conditions) and subsequent performance analysis. Finally, we relied on a series of experimental evaluations for assessing the quality of the proposed approach for automating security compliance checks. Findings: We found that the eSTRIDE approach can help focus the analysis and produce twice as many high-priority threats in the same time frame. We also found that reasoning about security in an automated fashion requires extending the existing notations with more precise security information. In a formal setting, minimal model extensions for doing so include security contracts for system nodes handling sensitive information. The formally-based analysis can to some extent provide completeness guarantees. For a graph-based detection of flaws, minimal required model extensions include data types and security solutions. In such a setting, the automated analysis can help in reducing the number of overlooked security flaws. Finally, we suggested to define a correspondence mapping between the design model elements and implemented constructs. We found that such a mapping is a key enabler for automatically checking the security compliance of the implemented system with the intended design. The key for achieving this is two-fold. First, a heuristics-based search is paramount to limit the manual effort that is required to define the mapping. Second, it is important to analyze implemented data flows and compare them to the data flows stipulated by the design." @default.
• W3109195496 created "2020-12-07" @default.
• W3109195496 creator A5007822940 @default.
• W3109195496 date "2020-12-04" @default.
• W3109195496 modified "2023-09-23" @default.
• W3109195496 title "Efficiency and Automation in Threat Analysis of Software Systems" @default.
• W3109195496 hasPublicationYear "2020" @default.
• W3109195496 type Work @default.
• W3109195496 sameAs 3109195496 @default.
• W3109195496 citedByCount "0" @default.
• W3109195496 crossrefType "journal-article" @default.
• W3109195496 hasAuthorship W3109195496A5007822940 @default.
• W3109195496 hasConcept C103377522 @default.
• W3109195496 hasConcept C111919701 @default.
• W3109195496 hasConcept C112930515 @default.
• W3109195496 hasConcept C115901376 @default.
• W3109195496 hasConcept C115903868 @default.
• W3109195496 hasConcept C121822524 @default.
• W3109195496 hasConcept C127413603 @default.
• W3109195496 hasConcept C151730666 @default.
• W3109195496 hasConcept C184842701 @default.
• W3109195496 hasConcept C195094911 @default.
• W3109195496 hasConcept C195518309 @default.
• W3109195496 hasConcept C2779343474 @default.
• W3109195496 hasConcept C29983905 @default.
• W3109195496 hasConcept C38652104 @default.
• W3109195496 hasConcept C41008148 @default.
• W3109195496 hasConcept C527648132 @default.
• W3109195496 hasConcept C62913178 @default.
• W3109195496 hasConcept C71924100 @default.
• W3109195496 hasConcept C78519656 @default.
• W3109195496 hasConcept C79974875 @default.
• W3109195496 hasConcept C86803240 @default.
• W3109195496 hasConceptScore W3109195496C103377522 @default.
• W3109195496 hasConceptScore W3109195496C111919701 @default.
• W3109195496 hasConceptScore W3109195496C112930515 @default.
• W3109195496 hasConceptScore W3109195496C115901376 @default.
• W3109195496 hasConceptScore W3109195496C115903868 @default.
• W3109195496 hasConceptScore W3109195496C121822524 @default.
• W3109195496 hasConceptScore W3109195496C127413603 @default.
• W3109195496 hasConceptScore W3109195496C151730666 @default.
• W3109195496 hasConceptScore W3109195496C184842701 @default.
• W3109195496 hasConceptScore W3109195496C195094911 @default.
• W3109195496 hasConceptScore W3109195496C195518309 @default.
• W3109195496 hasConceptScore W3109195496C2779343474 @default.
• W3109195496 hasConceptScore W3109195496C29983905 @default.
• W3109195496 hasConceptScore W3109195496C38652104 @default.
• W3109195496 hasConceptScore W3109195496C41008148 @default.
• W3109195496 hasConceptScore W3109195496C527648132 @default.
• W3109195496 hasConceptScore W3109195496C62913178 @default.
• W3109195496 hasConceptScore W3109195496C71924100 @default.
• W3109195496 hasConceptScore W3109195496C78519656 @default.
• W3109195496 hasConceptScore W3109195496C79974875 @default.
• W3109195496 hasConceptScore W3109195496C86803240 @default.
• W3109195496 hasLocation W31091954961 @default.
• W3109195496 hasOpenAccess W3109195496 @default.
• W3109195496 hasPrimaryLocation W31091954961 @default.
• W3109195496 hasRelatedWork W1608000054 @default.
• W3109195496 hasRelatedWork W1946950447 @default.
• W3109195496 hasRelatedWork W2000628719 @default.
• W3109195496 hasRelatedWork W2009765205 @default.
• W3109195496 hasRelatedWork W2064072875 @default.
• W3109195496 hasRelatedWork W2088405928 @default.
• W3109195496 hasRelatedWork W2404402917 @default.
• W3109195496 hasRelatedWork W2406589135 @default.
• W3109195496 hasRelatedWork W2613822183 @default.
• W3109195496 hasRelatedWork W2767826655 @default.
• W3109195496 hasRelatedWork W2795113090 @default.
• W3109195496 hasRelatedWork W2900740599 @default.
• W3109195496 hasRelatedWork W3001443755 @default.
• W3109195496 hasRelatedWork W3165334932 @default.
• W3109195496 hasRelatedWork W566189574 @default.
• W3109195496 hasRelatedWork W658105165 @default.
• W3109195496 hasRelatedWork W829110844 @default.
• W3109195496 hasRelatedWork W909468889 @default.
• W3109195496 hasRelatedWork W2183898771 @default.
• W3109195496 hasRelatedWork W2187635982 @default.
• W3109195496 isParatext "false" @default.
• W3109195496 isRetracted "false" @default.
• W3109195496 magId "3109195496" @default.
• W3109195496 workType "article" @default.