[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Andreas Thompson 1 and Gencer Erdogan 2

Affiliations: 1 University of Oslo, Oslo, Norway ; 2 Software and Service Innovation, SINTEF Digital, Oslo, Norway

Keyword(s): Security, Privacy, Cyber-risk, DevOps, IoT, Method, Risk-driven, Planning, Tool Support, Smart Home.

Abstract: There is a serious lack of support for trustworthy smart IoT systems within DevOps. Security and privacy are often overlooked in DevOps cultures and almost absent in the context of IoT. In this paper, we focus on the planning stage of DevOps and propose a tool-supported method for risk-driven planning considering security and privacy risks. Our method consists of five steps: establish context, analyse dataflow, model privacy and security risk, develop risk assessment algorithm based on risk model, and execute risk assessment algorithm. Our tool supports this method in the first and the last step and facilitates dynamic risk assessment based on input provided by the user or collected from the monitoring stage into predefined risk models. The output of the tool is a risk assessment which the end users, e.g. developers, can use as decision support to prioritize certain parts of the target under analysis in the next cycle of DevOps. The tool and the method are evaluated in a real-world s mart home case. Our initial evaluation indicates that the approach is comprehensible for our intended users, supports the planning stage in terms of security and privacy risk assessment, and feasible for use in the DevOps practice. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 79.170.44.78

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Thompson, A. and Erdogan, G. (2020). Tool Support for Risk-driven Planning of Trustworthy Smart IoT Systems within DevOps. In Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-399-5; ISSN 2184-4356, SciTePress, pages 742-753. DOI: 10.5220/0009189307420753

@conference{icissp20,
author={Andreas Thompson and Gencer Erdogan},
title={Tool Support for Risk-driven Planning of Trustworthy Smart IoT Systems within DevOps},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP},
year={2020},
pages={742-753},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009189307420753},
isbn={978-989-758-399-5},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP
TI - Tool Support for Risk-driven Planning of Trustworthy Smart IoT Systems within DevOps
SN - 978-989-758-399-5
IS - 2184-4356
AU - Thompson, A.
AU - Erdogan, G.
PY - 2020
SP - 742
EP - 753
DO - 10.5220/0009189307420753
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic

<style> #socialicons>a span { top: 0px; left: -100%; -webkit-transition: all 0.3s ease; -moz-transition: all 0.3s ease-in-out; -o-transition: all 0.3s ease-in-out; -ms-transition: all 0.3s ease-in-out; transition: all 0.3s ease-in-out;} #socialicons>ahover div{left: 0px;} </style>