To main content

A semantic paradigm for component-based specification integrating a notion of security risk

Abstract

We propose a semantic paradigm for component-based specification supporting the documentation of security risk behaviour. By security risk, we mean behaviour that constitutes a risk with regard to ICT security aspects, such as confidentiality, integrity and availability. The purpose of this work is to investigate the nature of security risk in the setting of component-based system development. A better understanding of security risk at the level of components facilitates the prediction of risks related to introducing a new component into a system. The semantic paradigm provides a first step towards integrating security risk analysis into the system development process.

Category

Academic chapter/article/Conference paper

Language

English

Author(s)

  • Gyrd Brændeland
  • Ketil Stølen

Affiliation

  • SINTEF Digital / Sustainable Communication Technologies

Year

2007

Publisher

Springer

Book

Formal Aspects in Security and Trust: Fourth International Workshop, FAST 2006, Hamilton, Ontario, Canda, August 26-27, 2006, Revised Selected Papers

Issue

4691

ISBN

978-3-540-75226-4

Page(s)

31 - 46

View this publication at Cristin