Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
DBSEC
2009
2009
An Approach to Security Policy Configuration Using Semantic Threat Graphs
Managing the configuration of heterogeneous enterprise security mechanisms is a wholly complex task. The effectiveness of a configuration may be constrained by poor understanding and/or management of the overall security policy requirements, which may, in turn, unnecessarily expose the enterprise to known threats. This paper proposes a threat management approach, whereby knowledge about the effectiveness of mitigating countermeasures is used to guide the autonomic configuration of security mechanisms. This knowledge is modeled in terms of Semantic Threat Graphs, a variation of the traditional Threat/Attack Tree, extended in order to relate semantic information about security configuration with threats, vulnerabilities and countermeasures. An ontology-based approach to representing and reasoning over this knowledge is taken. A case study on Network Access Controls demonstrates how threats can be analyzed and how automated configuration recommendations can be made based on catalogues of ...
Real-time TrafficDBSEC 2007 | DBSEC 2009 | Enterprise Security Mechanisms | Overall Security Policy | Security Mechanisms |
| Added | 09 Nov 2010 |
| Updated | 09 Nov 2010 |
| Type | Conference |
| Year | 2009 |
| Where | DBSEC |
| Authors | Simon N. Foley, William M. Fitzgerald |
Comments (0)
Researcher Info
|
