Title | ||
---|---|---|
Cost-Benefit Trade-Off Analysis Using BBN for Aspect-Oriented Risk-Driven Development |
Abstract | ||
---|---|---|
Security critical systems must perform at the required security level, make effective use of available resources, and meet end-users expectations. Balancing these needs, and at the same time fulfilling budget and time-to-market constraints, requires developers to design and evaluate alternative security treatment strategies. In this paper, we present a development framework that utilizes Bayesian Belief Networks (BBN) and Aspect-Oriented Modeling (AOM) for a cost-benefit trade-off analysis of treatment strategies. AOM allows developers to model pervasive security treatments separately from other system functionality. This ease the trade-off by making it possible to swap treatment strategies in and out when computing Return on Security Investments (RoSI). The trade-off analysis is implemented using BBN, and RoSI is computed by estimating a set of variables describing properties of a treatment strategy. RoSI for each treatment strategy is then used as input to choice of design. |
Year | DOI | Venue |
---|---|---|
2005 | 10.1109/ICECCS.2005.30 | ICECCS |
Keywords | DocType | ISBN |
Security Investments,pervasive security treatment,available resource,Aspect-Oriented Risk-Driven Development,security critical system,required security level,Aspect-Oriented Modeling,cost-benefit trade-off analysis,treatment strategy,alternative security treatment strategy,trade-off analysis,Cost-Benefit Trade-Off Analysis | Conference | 0-7695-2284-X |
Citations | PageRank | References |
9 | 0.94 | 0 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Geri Georg | 1 | 649 | 40.47 |
James Bieman | 2 | 38 | 2.75 |
Jan Jurjens | 3 | 169 | 16.07 |