• DocumentCode
    464345
  • Title

    Stakeholder Value Driven Threat Modeling for Off the Shelf Based Systems

  • Author

    Yue Chen ; Boehm, B.W.

  • Author_Institution
    Center for Syst. & Software Eng., Univ. of Southern California, Los Angeles, CA
  • fYear
    2007
  • fDate
    20-26 May 2007
  • Firstpage
    91
  • Lastpage
    92
  • Abstract
    As the trend of the usage of third party commercial-off-the-shelf (COTS) and open source software continuously increases, COTS security has become a major concern for many organizations whose daily business extensively relies upon a healthy IT infrastructure. But, according to the 2006 CSI/FBI computer criminal survey, 47% of the surveyed organizations only spent no more than 2% of the IT budget in security. Often, competing with limited IT resources and the fast changing Internet threats, the ability to prioritize security vulnerabilities and address them efficiently has become a critical success factor for every security manager.
  • Keywords
    public domain software; security of data; software packages; COTS security; commercial-off-the-shelf based system; open source software; stakeholder value driven threat modeling; Availability; Business; Computer security; Data security; Databases; Information security; NIST; Open source software; Software engineering; Tree graphs;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Engineering - Companion, 2007. ICSE 2007 Companion. 29th International Conference on
  • Conference_Location
    Minneapolis, MN
  • Print_ISBN
    0-7695-2892-9
  • Type

    conf

  • DOI
    10.1109/ICSECOMPANION.2007.69
  • Filename
    4222695
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=464345