Bakgrunn og aktiviteter
- Software security and security testing
- Software vulnerability analysis
- Model driven software development and model driven security
- Access control, usage control and privacy protection
- Security monitoring, policies, languages, models and enforcement
Vitenskapelig, faglig og kunstnerisk arbeid
Viser et utvalg av aktivitet. Se alle publikasjoner i databasen
- (2018) Quantitative security assurance metrics: REST API case studies. Proceedings of the 12th European Conference on Software Architecture ; 2018-09-24 - 2018-09-28.
- (2018) Source Code Patterns of Buffer Overflow Vulnerabilities in Firefox. SICHERHEIT 2018.
- (2018) Source Code Patterns of Cross Site Scripting in PHP Open Source Projects. Norsk Informasjonssikkerhetskonferanse (NISK). vol. 11.
- (2018) Towards a Quantitative Approach for Security Assurance Metrics. The Twelfth International Conference on Emerging Security Information, Systems and Technologies; SECURWARE 2018 September 16, 2018 to September 20, 2018 - Venice, Italy.
- (2018) Make it and Break it: An IoT Smart Home Testbed Case Study. International Conference on Cyber Physical Systems and IoT(CPSIOT 2018) . ACM; Stolkholm. 2018-09-21 - 2018-09-23.
- (2018) A Pilot Study in Cyber Security Education Using CyberAIMs: A Simulation-Based Experiment. IFIP Advances in Information and Communication Technology. vol. 531.
- (2017) Source Code Patterns of SQL Injection Vulnerabilities. ARES'17. Proceedings of The 12th International Conference on Availability, Reliability and Security, Reggio Calabria, Italy — August 29 - September 01, 2017.
- (2015) A process for mastering security evolution in the development lifecycle. International Journal on Software Tools for Technology Transfer (STTT). vol. 17.
- (2014) Factors of Access Control Management in Electronic Healthcare: The Patients' Perspective. 2014 47th Hawaii International Conference on System Sciences ; 2014-01-06 - 2014-01-09.
- (2014) Security Test Generation by Answer Set Programming. In the 8th International Conference on Software Security and Reliability ; 2014-06-30 - 2014-07-02.
- (2013) Towards a Model- and Learning-Based Framework for Security Anomaly Detection. Formal Methods for Components and Objects.
- (2013) Enhancing Model Driven Security through Pattern Refinement Techniques. Formal Methods for Components and Objects.
- (2012) Monitoring Anomalies in IT-Landscapes Using Clustering Techniques and Complex Event Processing. Leveraging Applications of Formal Methods, Verification, and Validation.
- (2012) Anomaly Detection in the Cloud: Detecting Security Incidents via Machine Learning. Trustworthy Eternal Systemsvia Evolving Software, Data and Knowledge..
- (2012) Managing Privacy and Effectiveness of Patient-Administered Authorization Policies. International Journal of Computational Models and Algorithms in Medicine (IJCMAM).
- (2012) Considering privacy and effectiveness of authorization policies for shared electronic health records. IHI '12 Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium ; 2012-01-28 - 2012-01-30.
- (2012) The Process of Policy Authoring of Patient-Controlled Privacy Preferences. Electronic Healthcare.
- (2010) cover Meeting EHR Security Requirements: SeAAS Approach. Seamless Care – Safe Care.
- (2010) Supporting Role Based Provisioning with Rules Using OWL and F-Logic. On the Move to Meaningful Internet Systems: OTM 2010. OTM 2010 ; 2010-10-25 - 2010-10-29.
- (2008) Workflow Testing. Leveraging Applications of Formal Methods (ISoLA 2008) ; 2008-10-13 - 2008-10-16.
- (2008) Privacy and Access Control for IHE-Based Systems. Electronic Healthcare. eHealth 2008 ; 2008-09-08 - 2008-09-09.
- (2008) Model-Driven Policy Framework for Usage Control-based Privacy. the second International workshop on Model-based Design Of Trustworthy Health Information Systems (MOTHIS) ; 2008-09-28 - 2008-10-03.
- (2008) A general obligation model and continuity enhanced policy enforcement engine for usage control. SACMAT '08 Proceedings of the 13th ACM symposium on Access control models and technologies ; 2008-06-11 - 2008-06-13.