The paper makes two main contributions: (1) It presents experiences from using the CORAS language for security threat modelling to specify legal risk scenarios. These experiences are summarised in the form of requirements to a more expressive language providing specific support for the legal domain. (2) Its second main contribution is to present ideas towards the fulfilment of these requirements. More specifically, it extends the CORAS conceptual model for security risk analysis with legal concepts and associations. Moreover, based on this extended conceptual model, it introduces a number of promising language constructs addressing some of the identified deficiencies. © Springer-Verlag Berlin Heidelberg 2005.
CITATION STYLE
Vraalsen, F., Lund, M. S., Mahler, T., Parent, X., & Stølen, K. (2005). Specifying legal risk scenarios using the CORAS threat modelling language: Experiences and the way forward. In Lecture Notes in Computer Science (Vol. 3477, pp. 45–60). Springer Verlag. https://doi.org/10.1007/11429760_4
Mendeley helps you to discover research relevant for your work.