Volltext-Downloads (blau) und Frontdoor-Views (grau)
  • search hit 1 of 343
Back to Result List

"Open Weakness and Vulnerability Modeler" (OVVL) – An Updated Approach to Threat Modeling

  • The development of secure software systems is of ever-increasing importance. While software companies often invest large amounts of resources into the upkeeping and general security properties of large-scale applications when in production, they appear to neglect utilizing threat modeling in the earlier stages of the software development lifecycle. When applied during the design phase ofThe development of secure software systems is of ever-increasing importance. While software companies often invest large amounts of resources into the upkeeping and general security properties of large-scale applications when in production, they appear to neglect utilizing threat modeling in the earlier stages of the software development lifecycle. When applied during the design phase of development, and continuously throughout development iterations, threat modeling can help to establish a "Secure by Design" approach. This approach allows issues relating to IT security to be found early during development, reducing the need for later improvement – and thus saving resources in the long term. In this paper the current state of threat modeling is investigated. This investigation drove the derivation of requirements for the development of a new threat modelling framework and tool, called OVVL. OVVL utilizes concepts of established threat modeling methodologies, as well as functionality not available in existing solutions.show moreshow less

Export metadata

Statistics

frontdoor_oas
Metadaten
Document Type:Conference Proceeding
Conference Type:Konferenzartikel
Zitierlink: https://opus.hs-offenburg.de/3683
Bibliografische Angaben
Title (English):"Open Weakness and Vulnerability Modeler" (OVVL) – An Updated Approach to Threat Modeling
Conference:16th International Joint Conference on e-Business and Telecommunications (ICETE 2019), July 26-28, 2019, Prague, Czech Republic
Author:Andreas SchaadStaff MemberGND, Tobias Reski
Year of Publication:2019
Page Number:8
First Page:417
Last Page:424
Parent Title (English):Proceedings of the 16th International Joint Conference on e-Business and Telecommunications, Prague, Czech Republic - Volume 2: SECRYPT
Volume:2
ISBN:978-989-758-378-0
DOI:https://doi.org/10.5220/0007919004170424
Language:English
Inhaltliche Informationen
Institutes:Forschung / CRT - Campus Research & Transfer
Fakultät Medien und Informationswesen (M+I) (bis 21.04.2021)
Institutes:Bibliografie
Tag:Risk Assessment; Security Engineering; Software Security; Threat Modeling
Formale Angaben
Open Access: Closed Access 
Licence (German):License LogoCreative Commons - CC BY-NC-ND - Namensnennung - Nicht kommerziell - Keine Bearbeitungen 4.0 International