Title :
A Threat Analysis Methodology for Security Evaluation and Enhancement Planning
Author :
Stango, Antonietta ; Prasad, Neeli R. ; Kyriazanos, Dimitris M.
Author_Institution :
CTiF, Aalborg Univ., Aalborg, Denmark
Abstract :
Threat analysis gives how potential adversaries exploit system weakness to achieve their goals. It identifies threats and defines a risk mitigation policy for a specific architecture, functionality and configuration. In a threat analysis security metrics are a challenging requirement in order to determine the status of network security performance and to further enhance it by minimizing exposure to considerable threats and vulnerabilities. In this paper the authors propose a generic methodology for threat analysis and security metrics in order to prioritize threats and vulnerabilities and proceed with security enhancement planning in personal networks (PNs).
Keywords :
planning (artificial intelligence); security of data; software architecture; software metrics; enhancement planning; personal networks; security evaluation; threat analysis methodology; threat analysis security metrics; Application software; Computer architecture; Computer security; Electronic mail; Information security; National security; Protection; Risk analysis; Risk management; Unified modeling language; assets; security metrics; threat analysis; vulnerabilities;
Conference_Titel :
Emerging Security Information, Systems and Technologies, 2009. SECURWARE '09. Third International Conference on
Conference_Location :
Athens, Glyfada
Print_ISBN :
978-0-7695-3668-2
DOI :
10.1109/SECURWARE.2009.47
