Tool-supported premortems with attack and security patterns.
Faily, Shamal; Lyle, John; Parkin, Simon
Authors
Shamal Faily
John Lyle
Simon Parkin
Abstract
Security patterns are a useful technique for packaging and applying security knowledge. However, because patterns represent partial knowledge of a problem and solution space, there is little certainty that addressing the consequences of one problem won't introduce or exacerbate another. In this abstract, we suggest that rather than using patterns exclusively to explore possible solutions to security problems, we should use them to carry out a premortem on why they instead cause problems. We present the approach taken to devise and tool-support such a process using data from the EU FP 7 webinos project.
Citation
FAILY, S., LYLE, J. and PARKIN, S. 2012. Tool-supported premortems with attack and security patterns. In Proceedings of the 1st International workshop on cyberpatterns (Cyberpatterns 2012): unifying design patterns with security, attack and forensic patterns, 9-10 July 2012, Abingdon, UK. Oxford: Oxford Brookes University, pages 10-11.
Presentation Conference Type | Conference Paper (published) |
---|---|
Conference Name | 1st International workshop on cyberpatterns (Cyberpatterns 2012): unifying design patterns with security, attack and forensic patterns |
Start Date | Jul 9, 2012 |
End Date | Jul 10, 2012 |
Acceptance Date | Jul 9, 2012 |
Publication Date | Jul 9, 2012 |
Deposit Date | Dec 15, 2021 |
Publicly Available Date | Dec 17, 2021 |
Publisher | Oxford Brookes University |
Peer Reviewed | Peer Reviewed |
Pages | 10-11 |
Keywords | Systems security; Security risk analysis; Security patterns; Attack patterns; Hacking; Software engineering; Computer aided integration of requirements and information security (CAIRIS) |
Public URL | https://rgu-repository.worktribe.com/output/1427777 |