Evaluation of the CORAL Approach for Risk-driven Security Testing based on an Industrial Case Study

Gencer Erdogan; Ketil Stølen; Jan Øyvind Aagedal

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Evaluation of the CORAL Approach for Risk-driven Security Testing based on an Industrial Case Study

Topics: Data and Software Security; Risk and Reputation Management; Security; Threat Awareness; Web Applications and Services

In Proceedings of the 2nd International Conference on Information Systems Security and Privacy ICISSP - Volume 1, 219-226, 2016 , Rome, Italy

Authors: Gencer Erdogan ¹ ; Ketil Stølen ¹ and Jan Øyvind Aagedal ²

Affiliations: ¹ SINTEF ICT and University of Oslo, Norway ; ² Equatex, Norway

Keyword(s): Case Study, Security Testing, Risk Assessment.

Related Ontology Subjects/Areas/Topics: Computer-Supported Education ; Enterprise Information Systems ; Information Systems Analysis and Specification ; Information Technologies Supporting Learning ; Security ; Security and Privacy

Abstract: The CORAL approach is a model-based method to security testing employing risk assessment to help security testers select and design test cases based on the available risk picture. In this paper we present experiences from using CORAL in an industrial case. The results indicate that CORAL supports security testers in producing risk models that are valid and threat scenarios that are directly testable. This, in turn, helps testers to select and design test cases according to the most severe security risks posed on the system under test.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.141.2.191

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Erdogan, G.; Stølen, K. and Aagedal, J. (2016). Evaluation of the CORAL Approach for Risk-driven Security Testing based on an Industrial Case Study. In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-167-0; ISSN 2184-4356, SciTePress, pages 219-226. DOI: 10.5220/0005650902190226

@conference{icissp16,
author={Gencer Erdogan. and Ketil Stølen. and Jan Øyvind Aagedal.},
title={Evaluation of the CORAL Approach for Risk-driven Security Testing based on an Industrial Case Study},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - ICISSP},
year={2016},
pages={219-226},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005650902190226},
isbn={978-989-758-167-0},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - ICISSP
TI - Evaluation of the CORAL Approach for Risk-driven Security Testing based on an Industrial Case Study
SN - 978-989-758-167-0
IS - 2184-4356
AU - Erdogan, G.
AU - Stølen, K.
AU - Aagedal, J.
PY - 2016
SP - 219
EP - 226
DO - 10.5220/0005650902190226
PB - SciTePress