The Aspect-Oriented Risk-Driven Development (AORDD) Framework
作者: Siv Hilde Houmb , Geri Georg
DOI:
关键词:
摘要: Security critical systems development needs to integrate both project and product risks assessment into the development. Such need balance time market constraints, cost demands, functional requirement, as well security requirements. This advocate use of techniques that support costeffective risk-driven The aspect-oriented (AORDD) framework combines (RDD) with aspect oriented modeling (AOM). Development is incremental, iterative, risk-driven, each cycle ends a combined risk assessment. result list in treatment. Cost-effective treatment handled by AORDD cost-benefit trade-off analysis. paper focuses on risks, particular provides an overview
researchgate.net 参考文章(10)
Indrakshi Ray, Geri Georg, An Aspect-Based Approach to Modeling Security Concerns ,(2007)
Folker den Braber, Siv Hilde Houmb, Mass Soldal Lund, Ketil Stølen, Towards a UML Profile for Model-Based Risk Assessment ,(2002)
Siv Hilde Houmb, James Bieman, Geri Georg, Raghu Reddy, Predicting Availability of Systems using BBN in Aspect-Oriented Risk-Driven Development (AORDD) ,(2005)
Torsten Lodderstedt, David Basin, Jürgen Doser, SecureUML: A UML-Based Modeling Language for Model-Driven Security Lecture Notes in Computer Science. pp. 426- 441 ,(2002) , 10.1007/3-540-45800-X_33
Siv Hilde Houmb, Geri Georg, Dan Matheson, Using Aspects to Manage Security Risks in Risk-Driven Development ,(2004)
Jan Juerjens, Secure systems development with UML ,(2004)
Nancy G. Leveson, Safeware: System Safety and Computers ,(1995)
Bev Littlewood, Sarah Brocklehurst, Norman Fenton, Peter Mellor, Stella Page, David Wright, John Dobson, John McDermid, Dieter Gollmann, Towards Operational Measures of Computer Security Journal of Computer Security. ,vol. 2, pp. 211- 229 ,(1993) , 10.3233/JCS-1993-22-308
S.H. Houmb, G. Georg, R. France, J. Bieman, J. Jurjens, Cost-benefit trade-off analysis using BBN for aspect-oriented risk-driven development international conference on engineering of complex computer systems. pp. 195- 204 ,(2005) , 10.1109/ICECCS.2005.30
Finn V. Jensen, An introduction to Bayesian networks ,(1996)