2009
DOI: 10.1007/978-3-642-03007-9_3
|View full text |Cite
|
Sign up to set email alerts
|

An Approach to Security Policy Configuration Using Semantic Threat Graphs

Abstract: Abstract. Managing the configuration of heterogeneous enterprise security mechanisms is a wholly complex task. The effectiveness of a configuration may be constrained by poor understanding and/or management of the overall security policy requirements, which may, in turn, unnecessarily expose the enterprise to known threats. This paper proposes a threat management approach, whereby knowledge about the effectiveness of mitigating countermeasures is used to guide the autonomic configuration of security mechanisms… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
12
0

Year Published

2009
2009
2023
2023

Publication Types

Select...
5
1

Relationship

1
5

Authors

Journals

citations
Cited by 9 publications
(12 citation statements)
references
References 15 publications
0
12
0
Order By: Relevance
“…Nodes in attack trees can be annotated with quantitative properties, but so far the models have addressed attack possibilities only qualitatively. Such trees can also be augmented with countermeasures, as is done in attack-defence trees [20] and semantic threat graphs [13]. Also, argumentation-based approaches have been proposed to reason about security [33].…”
Section: Security Risk Modelsmentioning
confidence: 99%
“…Nodes in attack trees can be annotated with quantitative properties, but so far the models have addressed attack possibilities only qualitatively. Such trees can also be augmented with countermeasures, as is done in attack-defence trees [20] and semantic threat graphs [13]. Also, argumentation-based approaches have been proposed to reason about security [33].…”
Section: Security Risk Modelsmentioning
confidence: 99%
“…A semantic threat graph [11], constructed in terms of an ontology, can be defined as a graph that represents the meaning of a threat domain. Enterprise assets are represented as individuals of the Asset concept.…”
Section: Threat Model For Xmppmentioning
confidence: 99%
“…Semantic Threat Graphs [11], a variation of the traditional threat tree, are encoded within the ontology-based framework in order to relate knowledge about enterprise-level security requirements, best practice recommendations and access-control rules in terms of assets, threats, vulnerabilities and countermeasures. Threats are organised into a hierarchical structure such as a Microsoft STRIDEbased [17] hierarchy.…”
Section: Introductionmentioning
confidence: 99%
“…Attack trees are typically used to assist attack elicitation and countermeasure selection. While they may be used to provide ongoing recommendation about the best current countermeasures [8], they do not explicitly consider the ongoing-process of testing countermeasure effectiveness. This difference to ERM can be illustrated by the following UML class style diagram, whereby an attack can be regarded as a knock-on consequence of some risk and the countermeasures are the controls that used to mitigate that risk:…”
Section: Risk Management and Internal Controlsmentioning
confidence: 99%
“…An enterprise will have a very large number of technical security risks and we suggest that attack-tree based methodologies [8,15,17] can help in the elicitation and management of this complexity. Note that we propose the use of ERM to track known risks and do not consider how "unknown unknowns" might be discovered.…”
Section: Examplementioning
confidence: 99%