M. Klemen,E. Weippl
, A. Ekelhart, S. Fenz:
"Security Ontology: Simulating Threats to Corporate Assets
Vortrag: ICISS 2006, Calcutta; 19.12.2006 - 21.12.2006; in:"Proceedings of the 2nd International Conference on Information Systems Security(ICISS 2006)
", Springer, (2006), ISBN: 3-540-68962-1; S. 249 - 259.
[ Publication Database
Threat analysis and mitigation, both essential for corporate security, are time consuming, complex and demand expert knowledge. We present an approach for simulating threats to corporate assets, taking the entire infrastructure into account. Using this approach effective countermeasures and their costs can be calculated quickly without expert knowledge and a subsequent security decisions will be based on objective criteria. The ontology used for the simulation is based on Landwehr´s [ALRL04] taxonomy of computer security and dependability.