Tool-assisted Security Assessment of
Universität Dortmund, FB Informatik, LS IV, D-44221 Dortmund
The CORBA security services support the flexible provision of
security features. Their employment, however, has to be tailored
to the assets and threats of a system. We relate the corresponding
analysis and design of CORBA systems with traditional security
analysis, risk assessment, and countermeasure planning as it is in
the scope of information system security standards.
Since security analysis tends to be difficult and error-prone, we
combine that proposal with our object-oriented security analysis
and modeling approach. It employs object-oriented modeling
techniques and tool-assistance in order to facilitate the analysis
and assure its quality even in case of extensive systems.
Security analysis, risk assessment, Common Criteria, CORBA security services, object-oriented security analysis
Proceedings of the 3rd IFIP WG6.1 International Working Conference on
Distributed Applications and
Interoperable Systems (DAIS'2001), pages 289-294, Krakow, September 2001,
Kluwer Academic Publisher.
Obtaining the paper
Due to the copyright agreement between the publisher and the authors we are
not allowed to make the paper available online. If you have problems to
please call us.
Peter Herrmann, September 21, 2001
-- digital media copyright