Search For:

Displaying 1-9 out of 9 total
The Use and Usefulness of Threats in Goal-Oriented Modelling
Found in: 2013 Eighth International Conference on Availability, Reliability and Security (ARES)
By Per Hakon Meland,Erlend Andreas Gjaere,Stephane Paul
Issue Date:September 2013
pp. 428-436
Both goal and threat modelling are well-known activities related to high-level requirements engineering. While goals express why a system is needed, threats tell us why security for our system is needed. Still, you will often find that goals and threats ar...
 
Towards an Ontology for Cloud Security Obligations
Found in: 2013 Eighth International Conference on Availability, Reliability and Security (ARES)
By Karin Bernsmed,Astrid Undheim,Per Hakon Meland,Martin Gilje Jaatun
Issue Date:September 2013
pp. 577-581
This paper presents an ontology for Cloud security obligations, which is based on a number of industry accepted standards and guidelines. The ontology terms and relationships have been defined in the W3C ontology language OWL and includes a number of techn...
 
Thunder in the Clouds: Security challenges and solutions for federated Clouds
Found in: 2012 IEEE 4th International Conference on Cloud Computing Technology and Science (CloudCom)
By Karin Bernsmed,Martin Gilje Jaatun,Per Hakon Meland,Astrid Undheim
Issue Date:December 2012
pp. 113-120
Cloud federation brings together different service providers and their offered services, so that many Cloud variants can be tailored to match different sets of customer requirements. To mitigate security risks and convince hesitant customers, security must...
 
Representing Threats in BPMN 2.0
Found in: 2012 Seventh International Conference on Availability, Reliability and Security (ARES)
By Per Hakon Meland,Erlend Andreas Gjaere
Issue Date:August 2012
pp. 542-550
The Business Process Modeling Notation (BPMN) has become a broadly accepted standard for process modeling, but is mostly being used to express the normal execution flow of business processes. In some situations there is also a need to express threats and u...
 
Service Injection: A Threat to Self-Managed Complex Systems
Found in: Dependable, Autonomic and Secure Computing, IEEE International Symposium on
By Per Hâkon Meland
Issue Date:December 2011
pp. 1-6
The promises of a service-centric Future Internet, where we can mix, match and create rapid-grown services also bring new security challenges. This paper investigates a threat named service injection to self-managed composite service systems that consist o...
 
Security SLAs for Federated Cloud Services
Found in: Availability, Reliability and Security, International Conference on
By Karin Bernsmed,Martin Gilje Jaatun,Per Hâkon Meland,Astrid Undheim
Issue Date:August 2011
pp. 202-209
The federated Cloud paradigm aims to provide flexible and reliable services composed of a mixture of internal and external mini-clouds, but this heterogeneous nature is also fuelling the security concerns of the customers. To allay the fears and deal with ...
 
Security Modeling and Tool Support Advantages
Found in: Availability, Reliability and Security, International Conference on
By Egil Trygve Baadshaug, Gencer Erdogan, Per Hâkon Meland
Issue Date:February 2010
pp. 537-542
Security modeling is an important part of software security, especially when it comes to making security knowledge more easily accessible. The purpose of this paper is to give an overview of some of the current approaches to graphical security modeling and...
 
How can the developer benefit from security modeling?
Found in: Availability, Reliability and Security, International Conference on
By Shanai Ardi, David Byers, Per Hakon Meland, Inger Anne Tondel, Nahid Shahmehri
Issue Date:April 2007
pp. 1017-1025
<p>Security has become a necessary part of nearly every software development project, as the overall risk from malicious users is constantly increasing, due to increased consequences of failure, security threats and exposure to threats. There are few...
 
Ontology-based Use Cases for Design-time and Runtime Composition of Mobile Services
Found in: Mobile Data Management Workshops, 2008 Ninth International Conference on
By Michal Roj, Per Hakon Meland, Jacqueline Floch, Jaroslaw Domaszewicz
Issue Date:April 2008
pp. 29-36
This paper presents application of ontology-based modelling and reasoning related to the different phases of the lifecycle of mobile services. Ontology-based descriptions complement traditional design-time and runtime models allowing more complex reasoning...
 
 1