Security ontology: Simulating threats to corporate assets

被引:0
作者
Ekelhart, Andreas [1 ]
Fenz, Stefan [1 ]
Klemen, Markus D. [1 ]
Weippl, Edgar R. [1 ]
机构
[1] Secure Business Austria, Secur Res, Favoritenstr 16, A-1040 Vienna, Austria
来源
INFORMATION SYSTEMS SECURITY, PROCEEDINGS | 2006年 / 4332卷
关键词
security ontology; threat modeling; risk analysis;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Threat analysis and mitigation, both essential for corporate security, are time consuming, complex and demand expert knowledge. We present an approach for simulating threats to corporate assets, taking the entire infrastructure into account. Using this approach effective countermeasures and their costs can be calculated quickly without expert knowledge and a subsequent security decisions will be based on objective criteria. The ontology used for the simulation is based on Landwehr's [ALRL04] taxonomy of computer security and dependability.
引用
收藏
页码:249 / +
页数:2
相关论文
共 6 条
[1]  
[Anonymous], 2004, OWL WEB ONTOLOGY LAN
[2]   Basic concepts and taxonomy of dependable and secure computing [J].
Avizienis, A ;
Laprie, JC ;
Randell, B ;
Landwehr, C .
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2004, 1 (01) :11-33
[3]  
Donner Marc, 2003, IEEE Security & Privacy, V1, P6
[4]  
Gomez-Perez A., 2004, ONTOLOGICAL ENG
[5]  
Landwehr Carl E., 1994, ACM COMPUT SURV, V26, P3
[6]  
2005, PROTEGE ONTOLOGY EDI
1