• Accountability Requirements in the Cloud Provider Chain 

      Jaatun, Martin Gilje; Tøndel, Inger Anne; Moe, Nils Brede; Cruzes, Daniela Soares; Bernsmed, Karin; Haugset, Børge (Journal article; Peer reviewed, 2018-04)
      In order to be responsible stewards of other people’s data, cloud providers must be accountable for their data handling practices. The potential long provider chains in cloud computing introduce additional accountability ...
    • Automated software security activities in a continuous delivery pipeline 

      Pham, Bao Khanh; Chalishhafshejani, Sohrab (Master thesis, 2021)
      Due to the rise of cyberattacks in IT companies, software security has become a topic for debate. Currently, to secure their products, companies often use manual methods, which makes development stalled and inefficient. ...
    • Intelligence-driven Cyber Defense Grounded in a Kill Chain Model 

      Try, Tobias Salomonsen (Master thesis, 2020-12-15)
      This thesis combines intelligence-driven defense using cyber kill chains with threat intelligence platforms and adversary tactics to create a comprehensive playbook for incident response to reduce response time and streamline ...
    • Risk in the Age of Software Security 

      Jaatun, Martin Gilje (Others, 2017)
      For general applications, it is way too costly to aim for 100 % secure software; for complex systems it may even be impossible. To achieve effective software security at reasonable cost, it is thus necessary to identify ...
    • Security in Critical Information Infrastructures 

      Jaatun, Martin Gilje (PhD thesis UiS;254, Doctoral thesis, 2015-06-05)
      Information and Communication Technologies (ICT) are permeating the critical infrastructures that our modern society relies on, and ICT security is becoming increasingly important to all aspects of our lives. This dissertation ...
    • Security Incident Information Exchange for Cloud Service Provisioning Chains 

      Frøystad, Christian; Tøndel, Inger Anne; Jaatun, Martin Gilje (Journal article; Peer reviewed, 2018-12)
      Online services are increasingly becoming a composition of different cloud services, making incident-handling difficult, as Cloud Service Providers (CSPs) with end-user customers need information from other providers about ...