Model based Security Risk Analysis for Web Applications: The CORAS approach | Zendy

Theo Dimitrakos | Zendy; Brian Ritchie | Zendy; Dimitris Raptis | Zendy; Ketil Stølen | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Model based Security Risk Analysis for Web Applications: The CORAS approach

Author(s) -

Theo Dimitrakos,

Brian Ritchie,

Dimitris Raptis,

Ketil Stølen

Publication year - 2002

Publication title -

electronic workshops in computing

Language(s) - English

Resource type - Conference proceedings

ISSN - 1477-9358

DOI - 10.14236/ewic/ew2002.6

Subject(s) - computer science , underpinning , software security assurance , risk analysis (engineering) , extensibility , risk management , software deployment , application security , web service , risk assessment , software engineering , process management , information security , security service , computer security , engineering , business , world wide web , operating system , civil engineering , finance

Security evaluation and security assurance are important aspects of trust in e-business. CORAS is a European project which is developing a tool-supported framework for precise, unambiguous, and efficient risk assessment of security critical systems. The framework is obtained through adapting, refining, extending, and combining methods for risk analysis of critical systems and semiformal modelling methods. In this paper we provide an overview of the CORAS framework for model-based risk assessment, emphasising its application on Web-enabled B2C e-commerce services and the meta-data based deployment model underpinning the CORAS extensible platform for tool inclusion.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research