Enhancing use cases with subjective risk assessment | |
Arogundade, O.T. ; Jin, Z. ; Yang, X.G. | |
2011 | |
英文摘要 | The aim of this article is to advance the discussion of use-misuse cases as a tool for information system security risk assessment during system development. We closely examined the limitations and came up with some basic pointers that needed to be addressed in order to overcome the limitations. We proposed some solutions to these lacks and present a framework and modeling process to achieve the solutions. We illustrate the use of the proposed model on popular e-shop system as a case study. The proposed model is able to allow managers and system developers to share a commonly understand view concerning the potential impact of various information system related threats that make sense to them within their limited resources. ? 2011 IEEE.; EI; 0 |
语种 | 英语 |
DOI标识 | 10.1109/SSIRI-C.2011.29 |
内容类型 | 其他 |
源URL | [http://ir.pku.edu.cn/handle/20.500.11897/328735] ![]() |
专题 | 信息科学技术学院 |
推荐引用方式 GB/T 7714 | Arogundade, O.T.,Jin, Z.,Yang, X.G.. Enhancing use cases with subjective risk assessment. 2011-01-01. |
个性服务 |
查看访问统计 |
相关权益政策 |
暂无数据 |
收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论