Ontology-based Framework for Information Security Risk Management
Abstract
The ever-growing dependence on information technology leads to an increase in expensive information security incidents and failures. While researchers have proposed several approaches to managing information security risks, several shortcomings of existing approaches can still be identified. Complex relationships in the information security domain, error-prone manual application of the information security knowledge to the organizational infrastructure, subjective impact value determination, and incomplete knowledge during the control evaluation can lead to an inadequate information security strategy and, therefore, pose a risk to the organization's mission. As a first step in addressing these shortcomings, this thesis elaborates on the development of a formal knowledge model (security ontology), comprising relevant security concepts, which can be applied by organizations to model their own environment and subsequently retrieve answers to security-relevant questions. Analysis of existing work in security ontologies forms the basis for the developed security ontology, and the model is evaluated by means of competency questions. Thereafter, we will show how the security ontology can be extended to include advisory knowledge. On this basis, an architecture for a semantic Computer Security Incident Response Team is presented. To support users in the information security risk management (ISRM) process, a framework for automated ISRM is presented, which covers all ISRM phases outlined by major ISRM methodologies. Again, this approach builds on the formal security knowledge model. In addition, extensions for each phase, such as risk determination and control identification, are introduced. While all phases are covered, special focus is placed on a novel technique to determine importance values of assets, based on business process analysis. To demonstrate how this ISRM framework can be applied in real life, a prototype was developed and an example case was carried out. 
Results showed the benefits of the framework, e.g., that security knowledge is provided in a consistent and comprehensive way, consistent risk values can be automatically calculated, and users are supported in the selection of efficient controls. Most ISRM-related research aims to improve ISRM, but there is still a considerable lack of thorough verification, validation and evaluation of the developed approaches and their implementation. Focusing on the problem of sound verification, validation and evaluation of ISRM, the results of an ISRM literature research are presented to provide an overview of applied verification, validation and evaluation methods. Then, I will discuss in which ISRM phases the methods should be applied. This research provides a reference for researchers and users of ISRM approaches who aim to establish trust in their results, and draws conclusions on the current status of ISRM verification, validation and evaluation.
Similar resources
Identifying Information Security Risk Components in Military Hospitals in Iran
Background and Aim: Information systems are always at risk of information theft, information change, and interruptions in service delivery. Therefore, the present study was conducted to develop a model for identifying information security risk in military hospitals in Iran. Methods: This study was a qualitative content analysis conducted in military hospitals in Iran in 2019. The sample consist...
Modelling Reusable Security Requirements based on an Ontology Framework
In recent years, security in Information Systems (IS) has become an important issue, and needs to be taken into account in all stages of IS development, including the early phase of Requirements Engineering (RE). Reuse of requirements improves the productivity and quality of software process and products. This can be facilitated by Semantic Web technologies. We describe an ontology-based framew...
Presenting a Model for Risk Assessment of Intentional Fires
Background & Objectives: It is not possible to live without using fire. However, fire can destroy human property in a short time. One of the most important types of fire is intentional fire. This type of fire has become a great problem for insurance companies, fire departments, industries, government and business in recent years. This study aimed to provide a framework for risk assess...
Developing a BIM-based Spatial Ontology for Semantic Querying of 3D Property Information
With the growing dominance of complex and multi-level urban structures, current cadastral systems, which are often developed based on 2D representations, are not capable of providing unambiguous spatial information about urban properties. Therefore, the concept of 3D cadastre is proposed to support 3D digital representation of land and properties and facilitate the communication of legal owners...
SIMOnt: A Security Information Management Ontology Framework
In this paper, we have proposed the design of a Security Information Management Ontology (SIMOnto) framework, which utilizes natural language processing and statistical analysis to mine an exhaustive list of concepts and their relationships in an automatic way. Concepts are extracted using TF-IDF and LSA techniques whereas, relations between them are mined using semantic and co-occurrence based...
Publication date: 2011