Applying use cases: a practical guide
Applying use cases: a practical guide
The Rational Unified Process: an introduction
The Rational Unified Process: an introduction
Extended description techniques for security engineering
Sec '01 Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge
Using model-based security analysis in component-oriented system development
Proceedings of the 2nd ACM workshop on Quality of protection
Computer-aided Support for Secure Tropos
Automated Software Engineering
Quantitative software security risk assessment model
Proceedings of the 2007 ACM workshop on Quality of protection
Assessing the risk of intercepting VoIP calls
Computer Networks: The International Journal of Computer and Telecommunications Networking
Risk assessment in practice: A real case study
Computer Communications
Proceedings of the 4th ACM workshop on Quality of protection
Towards more secure systems: how to combine expert evaluations
Proceedings of the 4th international conference on Security and privacy in communication netowrks
An evaluation of business solutions in manufacturing enterprises
International Journal of Business Intelligence and Data Mining
MODELS '09 Proceedings of the 12th International Conference on Model Driven Engineering Languages and Systems
ER '09 Proceedings of the 28th International Conference on Conceptual Modeling
A semantic paradigm for component-based specification integrating a notion of security risk
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Modeling social and individual trust in requirements engineering methodologies
iTrust'05 Proceedings of the Third international conference on Trust Management
A Unified Use-Misuse Case Model for Capturing and Analysing Safety and Security Requirements
International Journal of Information Security and Privacy
Hi-index | 0.00 |
This chapter introduces the CORAS methodology in which Unified Modeling Language (UML) and Unified Process (UP) are combined to support a model-based risk assessment on security-critical systems. The hypothesis is that modeling techniques like UML contribute to increased understanding for the different stakeholders involved during a risk assessment. In the CORAS methodology, a traditional risk management, process is integrated with UP, which is a well-accepted system development process. CORAS tries to show how UML can contribute to better understanding, documentation, and communicating during the different phases of the risk management process. CORAS addresses both systems under development and systems already in use.