Abstract
As there is an increasing reliance on information systems in most organizations, there is also an increased risk of security accidents of information systems. Therefore, in order to verify the potential security risks and their results, it is necessary to have a security threat assessment process called threat modeling. However, research in security threat modeling has yet to mature as there is paucity of established techniques and tools to aid the threat modeling and formal analysis process. This study provides a method to design and analyze threats that occur in the bio-information processing system using the visual Goal-oriented threat modeling. In addition, it determines each threat based on the Goal-Threat model and defends itself through measuring repetitive assessment, vulnerability the degree of risk. Then, by designing each organization to perform security checks on its own, it supports to make it possible to easily find vulnerabilities in terms of administration and presents a recommendation to be performed in order to ensure stability.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Arun AR, Nandakumar K, Anil KJ (2006) Handbook of multibiometrics. Springer, New York
Shin YN, Kwon MJ, Lee YJ, Park JI, Chun MG (2009) Biometric and Identity reference protection. J Korean Inst Intell Syst 19(2):160–167
Shin YN, Kim YJ, Chun MG (2011) Operational management for biometrics hardware security module and PKI. J Korean Inst Inf Technol 9(5):207–216
Swiderski F, Snyder W (2004) Threat modeling. MicrosoftPress, Redmond
Park KY, Yoo SG, Kim J (2011) Security requirements prioritization based on threat modeling and valuation graph. Commun Comput Inf Sci 206:142–152
Baek SJ, Han JS, Song YJ (2012) Security threat modeling and requirement analysis method based on goal-scenario, IT convergence and security. In: Proceedings of the international conference on IT convergence and security 2011/2012, pp 419–424
ISO/IEC JTC1 SC27 N8802 (2010) Biometric information protection. Final Committee Draft, 2010
Acknowledgments
This work was supported by the Security Engineering Research Center, granted by the Korea Ministry of Knowledge Economy.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer Science+Business Media Dordrecht
About this paper
Cite this paper
Baek, SJ., Ko, JW., Han, JS. (2013). Analysis of Threat-Factors for Biometric-Information Processing Systems According to Goal-Oriented Threat- Modeling. In: Kim, K., Chung, KY. (eds) IT Convergence and Security 2012. Lecture Notes in Electrical Engineering, vol 215. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-5860-5_134
Download citation
DOI: https://doi.org/10.1007/978-94-007-5860-5_134
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-5859-9
Online ISBN: 978-94-007-5860-5
eBook Packages: EngineeringEngineering (R0)