To main content

A semantic paradigm for component-based specification integrating a notion of security risk

Abstract

We propose a semantic paradigm for component-based specification supporting the documentation of security risk behaviour. By security risk, we mean behaviour that constitutes a risk with regard to ICT security aspects, such as confidentiality, integrity and availability. The purpose of this work is to investigate the nature of security risk in the setting of component-based system development. A better understanding of security risk at the level of components facilitates the prediction of risks related to introducing a new component into a system. The semantic paradigm provides a first step towards integrating security risk analysis into the system development process.

Category

Academic chapter/article/Conference paper

Language

English

Author(s)

Affiliation

  • SINTEF Digital / Software and Service Innovation

Year

2007

Publisher

Springer

Book

4th International Workshop on Formal Aspects in Security and Trust (FAST'06)

Issue

4691

ISBN

9783540752264

Page(s)

31 - 46

View this publication at Cristin