Design and implementation of virtual security appliances (VSA) for SME

Detken, Kai-Oliver; Jahnke, Marcel; Birkholz, Henk; Dwertmann, Christoph

doi:10.1109/idaacs.2013.6662634

Cited by 2 publications

(2 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…2) The Topology Editor: The Topology Editor 3 [31] provides the general user interface required for interaction with the IRP. The back-end communication of the Topology Editor is handled by IO-X.…”

Section: ) the Io Tool-setmentioning

confidence: 99%

Enhancing Security Testing via Automated Replication of IT-Asset Topologies

Birkholz

Sieverdingbeck

Kuntze

et al. 2013

2013 International Conference on Availability, Reliability and Security

Self Cite

View full text Add to dashboard Cite

Security testing of IT-infrastructure in a production environment can have a negative impact on business processes supported by IT-assets. A testbed can be used to provide an alternate testing environment in order to mitigate this impact. Unfortunately, for small and medium enterprises, maintaining a physical testbed and its consistency with the production environment is a cost-intensive task. In this paper, we present the Infrastructure Replication Process (IRP) and a corresponding Topology Editor, to provide a cost-efficient method that makes security testing in small and medium enterprises more feasible. We utilize a virtual environment as a testbed and provide a structured approach that takes into account the differences between a physical and a virtual environment. Open standards, such as SCAP, OVAL or XCCDF, and the utilization the Interconnectedasset Ontology-IO-support the integration of the IRP into existing (automated) processes. We use the implementation of a prototype to present a proof-of-concept that shows how typical challenges regarding security testing can be successfully mitigated via the IRP.

show abstract

Section: ) the Io Tool-setmentioning

confidence: 99%

Enhancing Security Testing via Automated Replication of IT-Asset Topologies

Birkholz

Sieverdingbeck

Kuntze

et al. 2013

2013 International Conference on Availability, Reliability and Security

Self Cite

View full text Add to dashboard Cite

show abstract

“…Cloud infrastructure presents challenges for traditional cyber-security products. For example, general network scanning [99] assumes the infrastructure is local and/or reachable for scanning purposes, an assumption valid only for private infrastructure. The increasing suite of cloud-based network perimeter scanning services [100,101,102] require explicit input from users on the target devices to be scanned.…”

Section: Technical Challengesmentioning

confidence: 99%

The Good, The Bad and The Missing: A Narrative Review of Cyber-security Implications for Australian Small Businesses

Tam,

Rao,

Hall

2021

Preprint

View full text Add to dashboard Cite

Small businesses (0-19 employees) are becoming attractive targets for cyber-criminals, but struggle to implement cyber-security measures that large businesses routinely deploy. There is an urgent need for effective and suitable cyber-security solutions for small businesses as they employ a significant proportion of the workforce.In this paper, we consider the small business cyber-security challenges not currently addressed by research or products, contextualised via an Australian lens. We also highlight some unique characteristics of small businesses conducive to cyber-security actions.Small business cyber-security discussions to date have been narrow in focus and lack re-usability beyond specific circumstances. Our study uses global evidence from industry, government and research communities across multiple disciplines. We explore the technical and non-technical factors negatively impacting a small business' ability to safeguard itself, such as resource constraints, organisational process maturity, and legal structures. Our research shows that some small business characteristics, such as agility, large cohort size, and piecemeal IT architecture, could allow for increased cyber-security.We conclude that there is a gap in current research in small business cyber-security. In addition, legal and policy work are needed to help small businesses become cyber-resilient.

show abstract

Design and implementation of virtual security appliances (VSA) for SME

Cited by 2 publications

References 3 publications

Enhancing Security Testing via Automated Replication of IT-Asset Topologies

Enhancing Security Testing via Automated Replication of IT-Asset Topologies

The Good, The Bad and The Missing: A Narrative Review of Cyber-security Implications for Australian Small Businesses

Contact Info

Product

Resources

About