From: Threat driven modeling framework using petri nets for e-learning system
Author | Modeling | Framework | Equation |
---|---|---|---|
Howard (2003) | NA | Framework consists of 3 modules: 1. Decompose application 2. Identify threats 3. Mitigate threats | After mitigation the severity is calculated only on basis of base metrics i.e. \(W_{{n_{new} }} = \frac{{V_{i} }}{K}\) |
Shrief et al. (2010) | Stochastic petri net | Framework consists of 6 modules: 1. Decompose application 2. Decomposition correction assessment 3. Identify threats 4. Mitigate threats 5. Mitigation correction assessment 6. Mitigation assessment | After mitigation the severity is calculated only in terms of base and temporal metrics i.e. \(W_{{n_{new} }} = \frac{{V_{i} \times E\times RL\times RC}}{K}\) |
Our proposed approach | Aspect oriented stochastic petri nets | Framework consists of 6 modules and threat identification is divided into sub modules. 1. Disintegrate application 2. Disintegration correction assessment 3.1. Threat identification 3.2. Identify application vulnerability 3.3. Risk assessment matrix 4. Mitigate (Attenuate) threats 5. Mitigation (Attenuation) correction assessment 6. Mitigation (Attenuation) assessment | After mitigation the severity is calculated only in terms of base, temporal and environmental metrics i.e. \(W_{{n_{new} }} = \frac{{V_{i} \times E\times RL\times RC}}{K\times CR \times IR\times AR}\) |