Free Delivery Over $100
|
|
|||
|
||||
OverviewThe term “risk” is known from many fields, and we are used to references to contractual risk, economic risk, operational risk, legal risk, security risk, and so forth. We conduct risk analysis, using either offensive or defensive approaches to identify and assess risk. Offensive approaches are concerned with balancing potential gain against risk of investment loss, while defensive approaches are concerned with protecting assets that already exist. In this book, Lund, Solhaug and Stølen focus on defensive risk analysis, and more explicitly on a particular approach called CORAS. CORAS is a model-driven method for defensive risk analysis featuring a tool-supported modelling language specially designed to model risks. Their book serves as an introduction to risk analysis in general, including the central concepts and notions in risk analysis and their relations. The authors’ aim is to support risk analysts in conducting structured and stepwise risk analysis. To this end, the book is divided into three main parts. Part I of the book introduces and demonstrates the central concepts and notation used in CORAS, and is largely example-driven. Part II gives a thorough description of the CORAS method and modelling language. After having completed this part of the book, the reader should know enough to use the method in practice. Finally, Part III addresses issues that require special attention and treatment, but still are often encountered in real-life risk analysis and for which CORAS offers helpful advice and assistance. This part also includes a short presentation of the CORAS tool support. The main target groups of the book are IT practitioners and students at graduate or undergraduate level. They will appreciate a concise introduction into the emerging field of risk analysis, supported by a sound methodology, and completed with numerous examples and detailed guidelines. Full Product DetailsAuthor: Mass Soldal Lund , Bjørnar Solhaug , Ketil StølenPublisher: Springer-Verlag Berlin and Heidelberg GmbH & Co. KG Imprint: Springer-Verlag Berlin and Heidelberg GmbH & Co. K Edition: 2011 ed. Dimensions: Width: 15.50cm , Height: 2.40cm , Length: 23.50cm Weight: 0.724kg ISBN: 9783642447013ISBN 10: 3642447015 Pages: 460 Publication Date: 14 November 2014 Audience: Professional and scholarly , Professional & Vocational Format: Paperback Publisher's Status: Active Availability: Manufactured on demand  We will order this item for you from a manufactured on demand supplier. Table of ContentsPart I: Introductory Overview 1) Introduction - 2) Background and Related Work - 3) A Guided Tour to the CORAS Method Part II: Core Approach 4) The CORAS Risk Modeling Language - 5) Preparations for the Analysis - 6) Customer Presentation of Target - 7) Refining the Target Description Using Asset Diagrams - 8) Approval of Target Description - 9) Risk Identification Using Threa Diagrams - 10) Risk Estimation Using Risk Diagrams - 11) Risk Evaluation Using Risk Evaluation Diagrams - 12) Risk Treatment Using Treatment Diagrams Part III: Selected Issues 13) Analysing Likelihood Using CORAS Diagrams - 14) The High-Level CORAS Language - 15) Using CORAS to Support Change Management - 16) The Dependent CORAS Language - 17) Using CORAS to Analyse Legal Aspects - 18) The CORAS Tool Part IV: Appendices A) CORAS Language Grammar - B) CORAS Language Semantics - C) CORAS GuidelinesReviewsThe book is quite well organized [...]. Graduate students and researchers unfamiliar with risk assessment techniques and risk management issues will find [it] illuminating. ACM Computing Reviews, Sandeep Shukla, June 2012 Author InformationKetil Stølen is Chief Scientist at SINTEF ICT, Oslo, Norway, where he leads the Group for Quality and Security Technology at the Department for Cooperative and Trusted Systems. Mass Soldal Lund is a researcher this group, specialising on risk analysis and thread modeling. Bjørnar Solhaug is a PhD student at the Department of Information Science and Media Studies, University of Bergen, Norway, and SINTEF ICT, working on formal languages for the specification of trust management policies. Tab Content 6Author Website:Countries AvailableAll regions |
||||
