{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:22:13Z","timestamp":1742912533542,"version":"3.40.3"},"publisher-location":"Cham","reference-count":24,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319395630"},{"type":"electronic","value":"9783319395647"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-39564-7_24","type":"book-chapter","created":{"date-parts":[[2016,6,6]],"date-time":"2016-06-06T07:27:56Z","timestamp":1465198076000},"page":"254-265","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Extending HARM to make Test Cases for Penetration Testing"],"prefix":"10.1007","author":[{"given":"Aparna","family":"Vegendla","sequence":"first","affiliation":[]},{"given":"Thea Marie","family":"S\u00f8gaard","sequence":"additional","affiliation":[]},{"given":"Guttorm","family":"Sindre","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,6,7]]},"reference":[{"key":"24_CR1","doi-asserted-by":"crossref","unstructured":"Barmi, Z.A., Ebrahimi, A.H., Feldt, R.: Alignment of requirements specification and testing: a systematic mapping study. In: 2011 IEEE Fourth International Conference on Software Testing, Verification and Validation Workshops (ICSTW). IEEE (2011)","DOI":"10.1109\/ICSTW.2011.58"},{"issue":"2","key":"24_CR2","first-page":"16","volume":"23","author":"M Unterkalmsteiner","year":"2014","unstructured":"Unterkalmsteiner, M., Feldt, R., Gorschek, T.: A taxonomy for requirements engineering and software test alignment. ACM Trans. Soft. Eng. Method. (TOSEM) 23(2), 16 (2014)","journal-title":"ACM Trans. Soft. Eng. Method. (TOSEM)"},{"key":"24_CR3","doi-asserted-by":"crossref","unstructured":"Talukder, A.K., et al. Security-aware software development life cycle (SaSDLC) - processes and tools. In: IFIP International Conference on Wireless and Optical Communications Networks, WOCN 2009 (2009)","DOI":"10.1109\/WOCN.2009.5010550"},{"key":"24_CR4","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1109\/MSP.2005.23","volume":"1","author":"B Arkin","year":"2005","unstructured":"Arkin, B., Stender, S., McGraw, G.: Software penetration testing. IEEE Secur. Priv. 1, 84\u201387 (2005)","journal-title":"IEEE Secur. Priv."},{"issue":"3","key":"24_CR5","doi-asserted-by":"publisher","first-page":"769","DOI":"10.1147\/sj.403.0769","volume":"40","author":"CC Palmer","year":"2001","unstructured":"Palmer, C.C.: Ethical hacking. IBM Syst. J. 40(3), 769\u2013780 (2001)","journal-title":"IBM Syst. J."},{"key":"24_CR6","doi-asserted-by":"crossref","unstructured":"McDermott, J.P., Attack net penetration testing. In: Proceedings of the 2000 Workshop on New Security Paradigms, pp. 15\u201321. ACM: Ballycotton, County Cork, Ireland (2000)","DOI":"10.1145\/366173.366183"},{"key":"24_CR7","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/978-3-642-29578-2_10","volume-title":"Software and Data Technologies","author":"P Karpati","year":"2013","unstructured":"Karpati, P., Opdahl, A., Sindre, G.: HARM: hacker attack representation method. In: Cordeiro, J., Virvou, M., Shishkov, B. (eds.) Software and Data Technologies, pp. 156\u2013175. Springer, Heidelberg (2013)"},{"key":"24_CR8","doi-asserted-by":"crossref","unstructured":"Dawson, P., Five ways to hack and cheat with bring\u2010your\u2010own\u2010device electronic examinations. Br. J. Educ. Technol. (2015). http:\/\/onlinelibrary.wiley.com\/doi\/10.1111\/bjet.12246\/epdf","DOI":"10.1111\/bjet.12246"},{"key":"24_CR9","doi-asserted-by":"crossref","unstructured":"Frankl, G., Schartner, P., Zebedin, G.: Secure online exams using students\u2019 devices. In: 2012 IEEE Global Engineering Education Conference (EDUCON). IEEE (2012)","DOI":"10.1109\/EDUCON.2012.6201111"},{"key":"24_CR10","series-title":"Lecture Notes in Business Information Processing","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-16782-9_1","volume-title":"The Practice of Enterprise Modeling","author":"V Katta","year":"2010","unstructured":"Katta, V., Karpati, P., Opdahl, A.L., Raspotnig, C., Sindre, G.: Comparing two techniques for intrusion visualization. In: van Bommel, P., Hoppenbrouwers, S., Overbeek, S., Proper, E., Barjis, J. (eds.) PoEM 2010. LNBIP, vol. 68, pp. 1\u201315. Springer, Heidelberg (2010)"},{"key":"24_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1007\/978-3-642-14192-8_24","volume-title":"Requirements Engineering: Foundation for Software Quality","author":"P Karpati","year":"2010","unstructured":"Karpati, P., Sindre, G., Opdahl, A.L.: Visualizing cyber attacks with misuse case maps. In: Wieringa, R., Persson, A. (eds.) REFSQ 2010. LNCS, vol. 6182, pp. 262\u2013275. Springer, Heidelberg (2010)"},{"key":"24_CR12","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1016\/j.jss.2015.02.040","volume":"104","author":"P Karpati","year":"2015","unstructured":"Karpati, P., Opdahl, A.L., Sindre, G.: Investigating security threats in architectural context: Experimental evaluations of misuse case maps. J. Syst. Soft. 104, 90\u2013111 (2015)","journal-title":"J. Syst. Soft."},{"key":"24_CR13","first-page":"108","volume":"3","author":"D Amyot","year":"2003","unstructured":"Amyot, D., et al.: Generating scenarios from use case map specifications. QSIC 3, 108\u2013115 (2003)","journal-title":"QSIC"},{"key":"24_CR14","volume-title":"Cheating Threats in Digital BYOD Exams: A Preliminary Investigation","author":"TM S\u00f8gaard","year":"2015","unstructured":"S\u00f8gaard, T.M.: Cheating Threats in Digital BYOD Exams: A Preliminary Investigation. NTNU, Trondheim (2015)"},{"key":"24_CR15","unstructured":"Schneider, D.: Safe exam browser 2.0 how to (Install, Configure, Deploy and Use SEB 2.0) (2014). http:\/\/safeexambrowser.org\/presentations\/HowTo_SEB2.0.pdf"},{"key":"24_CR16","doi-asserted-by":"crossref","unstructured":"Cota, G.L., et al.: A framework for the design configuration of accountable selfish-resilient peer-to-peer systems. In: 2015 IEEE 34th Symposium on Reliable Distributed Systems (SRDS). IEEE (2015)","DOI":"10.1109\/SRDS.2015.36"},{"key":"24_CR17","doi-asserted-by":"crossref","unstructured":"Wang, L., Wong, E., Xu, D.: A threat model driven approach for security testing. In: Proceedings of the Third International Workshop on Software Engineering for Secure Systems. IEEE Computer Society (2007)","DOI":"10.1109\/SESS.2007.2"},{"issue":"4","key":"24_CR18","doi-asserted-by":"publisher","first-page":"526","DOI":"10.1109\/TDSC.2012.24","volume":"9","author":"D Xu","year":"2012","unstructured":"Xu, D., et al.: Automated security test generation with formal threat models. IEEE Trans. Dependable Secure Comput. 9(4), 526\u2013540 (2012)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"2","key":"24_CR19","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1002\/spe.2111","volume":"43","author":"A Marback","year":"2013","unstructured":"Marback, A., et al.: A threat model-based approach to security testing. Soft. Pract. Experience 43(2), 241\u2013258 (2013)","journal-title":"Soft. Pract. Experience"},{"key":"24_CR20","doi-asserted-by":"crossref","unstructured":"Schieferdecker, I., Grossmann, J., Schneider, M.: Model-based security testing (2012). arXiv preprint arXiv:1202.6118","DOI":"10.4204\/EPTCS.80.1"},{"key":"24_CR21","unstructured":"Tappenden, A., et al.: Agile security testing of web-based systems via httpunit. In: Proceedings of the Agile Conference, 2005. IEEE (2005)"},{"key":"24_CR22","series-title":"Lecture Notes in Business Information Processing","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1007\/978-3-642-13054-0_2","volume-title":"Agile Processes in Software Engineering and Extreme Programming","author":"G Erdogan","year":"2010","unstructured":"Erdogan, G., Meland, P.H., Mathieson, D.: Security testing in agile web application development - a case study using the EAST methodology. In: Sillitti, A., Martin, A., Wang, X., Whitworth, E. (eds.) XP 2010. LNBIP, vol. 48, pp. 14\u201327. Springer, Heidelberg (2010)"},{"key":"24_CR23","unstructured":"Sindre, G., Vegendla, A.: E-exams versus paper-based exams: a comparative analysis of security threats and countermeasures. In: Norwegian Information Security Conference (NISK 2015). Bibsys OJS: \u00c5lesund (2015)"},{"key":"24_CR24","unstructured":"Sindre, G., Vegendla, A.: E-exams and exam process improvement. In: UDIT 2015. Bibsys OJS: \u00c5lesund (2015)"}],"container-title":["Lecture Notes in Business Information Processing","Advanced Information Systems Engineering Workshops"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-39564-7_24","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,6,7]],"date-time":"2021-06-07T00:08:15Z","timestamp":1623024495000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-39564-7_24"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319395630","9783319395647"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-39564-7_24","relation":{},"ISSN":["1865-1348","1865-1356"],"issn-type":[{"type":"print","value":"1865-1348"},{"type":"electronic","value":"1865-1356"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"7 June 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CAiSE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Advanced Information Systems Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Ljubljana","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Slovenia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 June 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 June 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"caise2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}