Vorträge und Posterpräsentationen (mit Tagungsband-Eintrag):
S. Fenz, A. Ekelhart, M. Klemen, E. Weippl:
"Security Ontologies: Improving Quantitative Risk Analysis";
Vortrag: HICCS 2007,
Hawaii;
03.01.2007
- 06.01.2007; in: "HICSS 2007",
(2007),
S. 156
- 162.
Kurzfassung englisch:
IT-security has become a much diversified field and
small and medium sized enterprises (SMEs), in particular, do
not have the financial ability to implement a holistic IT-security
approach. We thus propose a security ontology, to provide a
solid base for an applicable and holistic IT-security approach for
SMEs, enabling low-cost risk management and threat analysis.
Based on the taxonomy of computer security and dependability
by Landwehr [1], a heavy-weight ontology can be used to organize
and systematically structure knowledge on threats, safeguards,
and assets. Using this ontology, each threat scenario can be
simulated with a different protection profile as to evaluate the
effectiveness and the cost/benefit ratio of individual safeguards.
Zugeordnete Projekte:
Projektleitung A Min Tjoa:
Security Ontologies