Copenhagen Programming Language Seminar

Security Modelling through Security Risk Management

Dr. Raimundas Matulevicius

Friday 6 March 2009, 13:00-14:00
The IT University, Rued Langgaards Vej 7, DK-2300 Room 4A.14


Security plays a major role in today's software development. Reasoning on security involves analysing risks, and effectively communicating risk-related information. However, current security modelling languages are considered "open-ended methods", suggesting no precise guidelines and relying on the developer's creativity. In this colloquium-style talk, we will discuss how to improve security modelling languages, e.g., Secure Tropos, KAOS, and Misuse cases. We will analyse these languages in the light of an existing reference model for security risk management. This allows developers to check language concepts and terminology against those of current risk management standards, and, thereby, improve the conceptual appropriateness of these languages. Using the improved (risk-grounded) security modelling languages, developers can easily capture, reason about, and select security decisions already at the early stages of software development.

Scientific host: Jakob Bardram. Administrative host: Annette Enggaard. All are welcome.
The Copenhagen Programming Language Seminar (COPLAS) is a collaboration between DIKU, ITU, KVL and RUC.
COPLAS is sponsored by the FIRST Graduate School.
To receive information about COPLAS talks by email, send a message to prog-lang-request@mail.it-c.dk with the word 'subscribe' as subject or in the body.

For more information about COPLAS, see http://www.coplas.org