Context-Sensitive Requirements and Risk Analysis

Date Added: Jul 2009
Format: PDF

When a system's context of use changes, the security impact may be felt in other contexts. Risks mitigated for one operational context may continue to pose a danger in others due to contextual differences in assets, threats and vulnerabilities. The research presented will identify security factors in these contexts of use, and describe their application to secure systems design. The contributions of this paper lead to conceptual models, processes and tool-support which better situate requirements and risk analysis for different contexts of use.