Search results for "Software security assurance"

showing 4 items of 4 documents

Impact of COVID-19 on aquaculture sector in Malaysia: Findings from the first national survey

2021

Abstract Malaysian aquaculture sector consists of 391,000 t of cultivated organisms produced per year with an economic value for over USD 700 million as estimated in 2019. The COVID-19 pandemic caused a large global human pandemic and it is currently ongoing, affecting profoundly Malaysian aquaculture, which is vital for seafood provision and security assurance. Thus, to increase our understanding about how the pandemic affects aquaculture sectors is crucial to design possible management measures both at local and national level. To do it, we designed a survey, starting in May 2020, consisting of 25 online questions to collect information about the impact of COVID-19 on the aquaculture sect…

Settore BIO/07 - EcologiaCoronavirus disease 2019 (COVID-19)Standard operation procedureAquacultureAquatic ScienceAgricultural economicslcsh:Aquaculture. Fisheries. AnglingSupply and demand03 medical and health sciencesAquacultureGoogle formsOrder (exchange)Pandemic030304 developmental biologyInternational levellcsh:SH1-6910303 health sciencesbusiness.industryCOVID-1904 agricultural and veterinary sciencesFood securityAquaculture COVID-19 Food security Google forms Online surveySoftware security assurance040102 fisheries0401 agriculture forestry and fisheriesOnline surveyAnimal Science and ZoologyBusiness
researchProduct

Vulnerability Black Markets: Empirical Evidence and Scenario Simulation

2009

This paper discusses the manifest characteristics of online Vulnerability Black Markets (VBM), insider actors, interactions and mechanisms, obtained from masked observation. Because VBM transactions are hidden from general view, we trace their precursors as secondary evidence of their development and activity. More general attributes of VBMs and the exploits they discuss are identified. Finally, we introduce a simulation model that captures how vulnerability discoveries may be placed in a dual legal-black market context. We perform simulations and find that if legal markets expose vulnerabilities that go unresolved, the security and quality of software may suffer more than in the absence of…

Responsible disclosureExploitComputer scienceSoftware security assuranceVulnerabilityContext (language use)Vulnerability managementEmpirical evidenceComputer securitycomputer.software_genrecomputerIndustrial organizationInsider2009 42nd Hawaii International Conference on System Sciences
researchProduct

The security of mobile business applications based on mCRM

2020

A development of mobile technologies, and their common use in business, creates new challenges for people dealing with data security in the organization. This paper explores the types and nature of threats to the enterprise that result from the widespread use of business applications on smartphones (e.g. mobile CRM). The analysis has been focused on smartphones and tablets running on the Android operating system. We used STRIDE - a threat modeling technique commonly used to detect vulnerabilities in software security. We propose its modification to better design and implement solutions for the security of mobile devices. We also used the Data Flow Diagram and the Attack Tree concept to anal…

Attack treesInformation securityComputer science05 social sciencesAttack treeData securityMobile application02 engineering and technologyInformation securityComputer securitycomputer.software_genreSoftware security assurance020204 information systems0502 economics and businessThreat model0202 electrical engineering electronic engineering information engineeringSecurityData Protection Act 1998050211 marketingMobile technologyThreat modelingMobile devicecomputermCRM
researchProduct

Analysis of dynamic service oriented systems for security related problems detection

2017

The paper presents an approach to solve some problems arising in the management process of IT security. Our motivation of this research is to study in every detail the context of service oriented systems, which can be defined as considerable heterogeneous, dynamic and flexible configuration of the hardware and software system resources. The fundamental difference between security management systems with traditional centralized and monolithic architecture and service oriented systems is discussed. We propose a multilayered-reference model for service-oriented systems aimed predominantly at principal objectives related to IT based systems security working in dynamic environments. Likewise, co…

Security engineeringCloud computing securitysecurity incidentsSecurity serviceSoftware security assuranceComputer scienceDistributed computingSherwood Applied Business Security Architecturesecurity levelSecurity managementservice oriented systemsComputer security modelSecurity information and event management
researchProduct