Search Results - "Tondel, Inger Anne"

Continuous software security through security prioritisation meetings by Tøndel, Inger Anne, Cruzes, Daniela Soares

“…Software security needs to be a continuous endeavour in current software development practices. Frequent software updates, paired with an ongoing flow of…”
Get full text

Security Incident Information Exchange for Cloud Service Provisioning Chains by Frøystad, Christian, Tøndel, Inger, Jaatun, Martin

“…Online services are increasingly becoming a composition of different cloud services, making incident-handling difficult, as Cloud Service Providers (CSPs) with…”
Get full text

Influencing the security prioritisation of an agile software development project by Tøndel, Inger Anne, Cruzes, Daniela Soares, Jaatun, Martin Gilje, Sindre, Guttorm

“…Software security is a complex topic, and for development projects it can be challenging to assess what security is necessary and cost-effective. Agile…”
Get full text

Accountability Requirements in the Cloud Provider Chain by Jaatun, Martin, Tøndel, Inger, Moe, Nils, Cruzes, Daniela, Bernsmed, Karin, Haugset, Børge

“…In order to be responsible stewards of other people’s data, cloud providers must be accountable for their data handling practices. The potential long provider…”
Get full text

Information security incident management: Current practice as reported in the literature by Tøndel, Inger Anne, Line, Maria B., Jaatun, Martin Gilje

“…This paper reports results of a systematic literature review on current practice and experiences with incident management, covering a wide variety of…”
Get full text

Improving smart grid security through 5G enabled IoT and edge computing by Borgaonkar, Ravishankar, Anne Tøndel, Inger, Zenebe Degefa, Merkebu, Gilje Jaatun, Martin

“…This article investigates and analyzes the security aspects of 5G specifications from the perspective of IoT‐based smart grids. As the smart grid requires…”
Get full text

A framework for incident response management in the petroleum industry by Jaatun, Martin Gilje, Albrechtsen, Eirik, Line, Maria B., Tøndel, Inger Anne, Longva, Odd Helge

“…Incident response is the process of responding to and handling security-related incidents involving information and communications technology (ICT)…”
Get full text

Personal health information on display: balancing needs, usability and legislative requirements by Gjære, Erlend Andreas, Tøndel, Inger Anne, Line, Maria B, Andresen, Herbjørn, Toussaint, Pieter

“…Large wall-mounted screens placed at locations where health personnel pass by will assist in self-coordination and improve utilisation of both resources and…”
Get more information

Interdependencies and reliability in the combined ICT and power system: An overview of current research by Tøndel, Inger Anne, Foros, Jørn, Kilskar, Stine Skaufel, Hokstad, Per, Jaatun, Martin Gilje

“…The smart grid vision implies extensive use of ICT in the power system, enabling increased flexibility and functionality and thereby meeting future demands and…”
Get full text

Hunting Dependencies: Using Bow-Tie for Combined Analysis of Power and Cyber Security by Tondel, Inger Anne, Vefsnmo, Hanne, Gjerde, Oddbjorn, Johannessen, Frode, Froystad, Christian

“…Modern electric power systems are complex cyber-physical systems. The integration of traditional power and digital technologies result in interdependencies…”
Get full text

The Quality Triage Method: Quickly Identifying User Stories with Quality Risks by Brataas, Gunnar, Tondel, Inger Anne, Okstad, Eivind, Lokberg, Ola, Jaatun, Martin Gilje, Hanssen, Geir Kjetil, Myklebust, Thor

“…Quality requirements often receive insufficient attention, both in agile and in traditional software development. This paper describes the quality triage, a…”
Get full text

How Much Cloud Can You Handle? by Jaatun, Martin Gilje, Tondel, Inger Anne

“…Outsourcing computing and storage to the cloud does not eliminate the need for handling of information security incidents. However, the long provider chains…”
Get full text

Forewarned is Forearmed: Indicators for Evaluating Information Security Incident Management by Bernsmed, Karin, Tøndel, Inger Anne

“…This paper presents a method for evaluating an organization's ability to manage security incidents. The method is based on resilient thinking, and describes…”
Get full text

Cyber security challenges in Smart Grids by Line, M. B., Tondel, I. A., Jaatun, M. G.

“…The introduction of telecommunication in the energy grid, leading the way towards Smart Grids, challenges the way safe operations have traditionally been…”
Get full text

Combining Misuse Cases with Attack Trees and Security Activity Models by Tndel, I.A., Jensen, J., Rstad, L.

“…Misuse cases and attack trees have been suggested for security requirements elicitation and threat modeling in software projects. Their use is believed to…”
Get full text

Challenges and Experiences with Applying Microsoft Threat Modeling in Agile Development Projects by Soares Cruzes, Daniela, Gilje Jaatun, Martin, Bernsmed, Karin, Tondel, Inger Anne

“…The goal of secure software engineering is to create software that keeps performing as intended even when exposed to attacks. Threat modeling is considered to…”
Get full text

Security Requirements for the Rest of Us: A Survey by Tondel, I.A., Jaatun, M.G., Meland, P.H.

“…Most software developers aren't primarily interested in security. For decades, the focus has been on implementing as much functionality as possible before the…”
Get full text

Covering Your Assets in Software Engineering by Jaatun, M.G., Tndel, I.A.

“…Many security requirements elicitation techniques implicitly assume that assets are identified on beforehand, but few actually describe how this should be…”
Get full text

Design and Implementation of a CBR-based Privacy Agent by Bernsmed, K., Tondel, I. A., Nyre, A. A.

“…This paper presents Privacy Advisor; a software which uses machine-learning techniques to help the users make online privacy decisions. Privacy Advisor is…”
Get full text

An Architectural Foundation for Security Model Sharing and Reuse by Meland, P.H., Ardi, S., Jensen, J., Rios, E., Sanchez, T., Shahmehri, N., Tondel, I.A.

“…Within the field of software security we have yet to find efficient ways on how to learn from past mistakes and integrate security as a natural part of…”
Get full text