Paper Info
Title
Cost-Benefit Trade-Off Analysis Using BBN for Aspect-Oriented Risk-Driven Development
Abstract
Security critical systems must perform at the required security level, make effective use of available resources, and meet end-users expectations. Balancing these needs, and at the same time fulfilling budget and time-to-market constraints, requires developers to design and evaluate alternative security treatment strategies. In this paper, we present a development framework that utilizes Bayesian Belief Networks (BBN) and Aspect-Oriented Modeling (AOM) for a cost-benefit trade-off analysis of treatment strategies. AOM allows developers to model pervasive security treatments separately from other system functionality. This ease the trade-off by making it possible to swap treatment strategies in and out when computing Return on Security Investments (RoSI). The trade-off analysis is implemented using BBN, and RoSI is computed by estimating a set of variables describing properties of a treatment strategy. RoSI for each treatment strategy is then used as input to choice of design.
Year
DOI
Venue
2005
10.1109/ICECCS.2005.30
ICECCS
Keywords
DocType
ISBN
Security Investments,pervasive security treatment,available resource,Aspect-Oriented Risk-Driven Development,security critical system,required security level,Aspect-Oriented Modeling,cost-benefit trade-off analysis,treatment strategy,alternative security treatment strategy,trade-off analysis,Cost-Benefit Trade-Off Analysis
Conference
0-7695-2284-X
Citations 
PageRank 
References 
9
0.94
0
Authors
3
Name
Order
Citations
PageRank
Geri Georg164940.47
James Bieman2382.75
Jan Jurjens316916.07