Stefan Fenz
Vienna University of Technology
Publications
Featured research published by Stefan Fenz.
Computer and Communications Security | 2009
Stefan Fenz; Andreas Ekelhart
Unified and formal knowledge models of the information security domain are fundamental requirements for supporting and enhancing existing risk management approaches. This paper describes a security ontology which provides an ontological structure for information security domain knowledge. Besides existing best-practice guidelines such as the German IT Grundschutz Manual, concrete knowledge of the considered organization is also incorporated. An evaluation conducted by an information security expert team has shown that this knowledge model can be used to support a broad range of information security risk management approaches.
Hawaii International Conference on System Sciences | 2007
Andreas Ekelhart; Stefan Fenz; Markus D. Klemen; Edgar R. Weippl
IT-security has become a much diversified field, and small and medium sized enterprises (SMEs), in particular, do not have the financial ability to implement a holistic IT-security approach. We thus propose a security ontology to provide a solid base for an applicable and holistic IT-security approach for SMEs, enabling low-cost risk management and threat analysis. Based on the taxonomy of computer security and dependability by Landwehr, a heavy-weight ontology can be used to organize and systematically structure knowledge on threats, safeguards, and assets. Using this ontology, each threat scenario can be simulated with a different protection profile to evaluate the effectiveness and the cost/benefit ratio of individual safeguards.
Pacific Rim International Symposium on Dependable Computing | 2007
Stefan Fenz; Gernot Goluch; Andreas Ekelhart; Bernhard Riedl; Edgar R. Weippl
This paper introduces an ontology-based framework to improve the preparation of ISO/IEC 27001 audits and, in turn, to strengthen the security state of the company. Building on extensive previous work on security ontologies, we elaborate on how ISO/IEC 27001 artifacts can be integrated into this ontology. A basic introduction to security ontologies is given first. Specific examples show how certain ISO/IEC 27001 requirements are to be integrated into the ontology; moreover, our rule-based engine is used to query the knowledge base to check whether specific security requirements are fulfilled. The aim of this paper is to explain how security ontologies can be used in a tool that supports ISO/IEC 27001 certification, providing pivotal information for the preparation of audits and the creation and maintenance of security guidelines and policies.
Hawaii International Conference on System Sciences | 2009
Andreas Ekelhart; Stefan Fenz; Thomas Neubauer
As companies are increasingly exposed to a variety of information security threats, they are permanently forced to pay attention to security issues. Risk management provides an effective approach for measuring security through risk assessment, risk mitigation and evaluation. Existing risk management approaches are highly accepted but demand very detailed knowledge about the IT security domain and the actual company environment. This paper presents AURUM, a new methodology for supporting the NIST SP 800-30 risk management standard, and provides a comparison with the GSTool and CRISAM in order to highlight the benefits decision makers may expect when using AURUM.
Complex, Intelligent and Software Intensive Systems | 2009
Stefan Fenz; A Min Tjoa; Marcus Hudec
Bayesian networks are indispensable for determining the probability of events which are influenced by various components. Bayesian probabilities encode degrees of belief about certain events, and a dynamic knowledge body is used to strengthen, update, or weaken these assumptions. The creation of Bayesian networks requires at least three challenging tasks: (i) the determination of relevant influence factors, (ii) the determination of relationships between the identified influence factors, and (iii) the calculation of the conditional probability tables for each node in the Bayesian network. Based on existing domain ontologies, we propose a method for the ontology-based generation of Bayesian networks. The ontology is used to provide the necessary knowledge about relevant influence factors, their relationships, their weights, and the scale which represents potential states of the identified influence factors. The developed method enables, based on existing ontologies, the semi-automatic generation and alteration of Bayesian networks.
Hawaii International Conference on System Sciences | 2008
Gernot Goluch; Andreas Ekelhart; Stefan Fenz; Stefan Jakoubi; Simon Tjoa; Thomas Mück
The ability to prevent risks as well as to appropriately counteract occurring threats has increasingly become a crucial success factor. Traditional business process management provides concepts for the economical optimization of processes, while risk management focuses on the design of robust business processes. While aiming at the same goal, namely the improvement of business, the approaches to reaching it vary, due to a different understanding of improvement. Following this, the optimizing recommendations of business process management and risk management may be contradictory. Therefore, we proposed a unified method, integrating both points of view, to enable risk-aware business process management and optimization. In this paper, we briefly describe the ROPE (risk-oriented process evaluation) methodology and the security ontology concept, which provides a solid knowledge base for an applicable and holistic company-specific IT security approach. This heavy-weight ontology provides structured knowledge regarding the relations between threats, safeguards, and assets, which are crucial for modeling processes in ROPE. We show how the integration of the security ontology's knowledge base enhances the applicability of the ROPE methodology, leading to improved risk-aware business process management.
International Conference on Information Systems Security | 2006
Andreas Ekelhart; Stefan Fenz; Markus D. Klemen; Edgar R. Weippl
Threat analysis and mitigation, both essential for corporate security, are time consuming, complex and demand expert knowledge. We present an approach for simulating threats to corporate assets, taking the entire infrastructure into account. Using this approach, effective countermeasures and their costs can be calculated quickly without expert knowledge, and subsequent security decisions will be based on objective criteria. The ontology used for the simulation is based on Landwehr's [ALRL04] taxonomy of computer security and dependability.
Journal of Systems and Software | 2008
Andreas Ekelhart; Stefan Fenz; Gernot Goluch; Markus Steinkellner; Edgar R. Weippl
Since the turn of the millennium, working groups of the W3C have been concentrating on the development of XML-based security standards, which are paraphrased as XML security. XML security consists of three recommendations: XML (digital) signature, XML encryption and XML key management specification (XKMS), all of them published by the W3C. By means of a review of the available literature, the authors draw several conclusions about the status quo of XML security. Furthermore, the current state and focuses of research as well as the existing challenges are derived. Trends towards different application areas, e.g. the use of XML security for mobile computing, are also outlined. Based on this information, the analyzed results are discussed and a future outlook is predicted.
Data and Knowledge Engineering | 2012
Stefan Fenz
Bayesian networks are commonly used for determining the probability of events that are influenced by various variables. Bayesian probabilities encode degrees of belief about certain events, and a dynamic knowledge body is used to strengthen, update, or weaken these assumptions. The creation of Bayesian networks requires at least three challenging tasks: (i) the determination of relevant variables (nodes), (ii) the determination of relationships between the identified variables (links), and (iii) the calculation of the conditional probability tables (CPTs) for each node in the Bayesian network. Based on existing domain ontologies, we propose a method for the ontology-based construction of Bayesian networks. The method supports (i) the construction of the graphical Bayesian network structure (nodes and links), (ii) the construction of CPTs that preserve semantic constraints of the ontology, and (iii) the incorporation of already existing knowledge facts (findings). The developed method enables the efficient construction and modification of Bayesian networks based on existing ontologies.
IEEE Symposium on Security and Privacy | 2011
Stefan Fenz; Andreas Ekelhart
By surveying verification, validation, and evaluation methods referenced in information security risk management (ISRM) literature, the authors discuss in which ISRM phases particular methods should be applied and demonstrate appropriate methods with a real-world example.