Thomas Neubauer
Vienna University of Technology
Publication
Featured research published by Thomas Neubauer.
hawaii international conference on system sciences | 2009
Andreas Ekelhart; Stefan Fenz; Thomas Neubauer
As companies are increasingly exposed to a variety of information security threats, they are permanently forced to pay attention to security issues. Risk management provides an effective approach for measuring the security through risk assessment, risk mitigation and evaluation. Existing risk management approaches are highly accepted but demand very detailed knowledge about the IT security domain and the actual company environment. This paper presents AURUM - a new methodology for supporting the NIST SP 800-30 risk management standard - and provides a comparison with the GSTool and CRISAM in order to highlight the benefits decision makers may expect when using AURUM.
ACM Sigsoft Software Engineering Notes | 2005
Thomas Neubauer; Markus D. Klemen; Stefan Biffl
Growing business integration raises the need for secure business processes as security problems can affect the profit and the reputation of a company. However, decisions regarding a reasonable level of security in a business environment are often made in a value-neutral way. This paper presents a framework for the valuation of cost-benefit of various security levels with business processes. The framework can be used for planning security levels in software development and allows further continuous monitoring and improvement of cost-benefit of security measures along with operative business processes.
availability, reliability and security | 2007
Bernhard Riedl; Thomas Neubauer; Gernot Goluch; Oswald Boehm; Gert Reinauer; Alexander Krumboeck
As aging and very expensive programs put more pressure on health and social care systems, an increase in the need for electronic healthcare records can be observed, because they promise massive savings and better clinical quality. However, patients and commissioners for data protection have legitimate concerns about the privacy and confidentiality of the stored data. Although the concept of pseudonymization allows an association with a patient only under specified and controlled circumstances, existing approaches have major vulnerabilities. This paper provides a new architecture for the pseudonymization of medical data that combines primary and secondary use in one system and thus provides a solution to vulnerabilities of existing approaches.
availability, reliability and security | 2006
Thomas Neubauer; Markus D. Klemen; Stefan Biffl
The security of corporate business processes is crucial for the business success of companies. Existing business process management methodologies barely consider security and dependability objectives. Business processes and security issues are developed separately and often do not follow the same strategy. Growing business integration and legal requirements raise the need for secure business processes as security problems negatively affect profit and reputation of companies and their stakeholders. In this paper we summarize the state of the art of business process management and security and identify shortcomings of existing approaches. Based on that we identify research challenges and present a roadmap for secure business process management (SBPM) that allows an integrated view on business process management and security. This approach provides top management in process oriented enterprises with a stepwise methodology for the parallel and continuous development and improvement of business processes along with security issues over the whole business process life cycle.
availability, reliability and security | 2006
Thomas Neubauer; Christian Stummer; Edgar R. Weippl
Companies spend considerable amounts of resources on minimizing security breaches but often neglect efficient security measures and/or are not aware whether their investments are effective. While security safeguards traditionally are evaluated through a single (aggregated) criterion such as the return on investment, this may not suffice any longer as economic and legal requirements force top management to pay more attention to security issues. Thus, there is a demand for decision support tools that assist decision makers in allocating security safeguards with respect to multiple objectives of the involved stakeholders. This paper proposes a tool called MOS³T (multi-objective security safeguard selection tool), that integrates ideas from multiobjective decision making in a workshop environment. The stepwise procedure for the assessment and interactive selection of sets of security safeguards improves security awareness of top management while minimizing the resources required for implementing a proper security environment that meets a corporation's needs.
information security conference | 2008
Thomas Neubauer; Andreas Ekelhart; Stefan Fenz
IT security incidents pose a major threat to the efficient execution of corporate strategies. Although information security standards provide a holistic approach to mitigate these threats and legal acts demand their implementation, companies often refrain from the implementation of information security standards, especially due to high costs and the lack of evidence for a positive cost/benefit ratio. This paper presents a new approach that supports decision makers in interactively defining the optimal set of security controls according to ISO 27001. Therefore, it uses input data from a security ontology that allows the standardized integration of rules which are necessary to model potential countermeasure combinations based on the ISO 27001 standard controls. The approach was implemented into a tool and tested by means of a case study. It not only supports decision makers in defining the controls needed for certification but also provides them with information regarding the efficiency of the chosen controls with regard to multiple definable objectives.
international conference on systems | 2009
Andreas Ekelhart; Stefan Fenz; Thomas Neubauer
As e-Business and e-Commerce applications are increasingly exposed to a variety of information security threats, corporate decision makers are increasingly forced to pay attention to security issues. Risk management provides an effective approach for measuring the security but existing risk management approaches come with major shortcomings such as the demand for very detailed knowledge about the IT security domain and the actual company environment. This paper presents the implementation of the AURUM methodology into a software solution which addresses the identified shortcomings of existing information security risk management software solutions. Thereby, the presented approach supports decision makers in risk assessment, risk mitigation, and safeguard evaluation.
Information Management & Computer Security | 2014
Stefan Fenz; Johannes Heurix; Thomas Neubauer; Fabian Pechstein
Purpose – The purpose of this paper is to give an overview of current risk management approaches and outline their commonalities and differences, evaluate current risk management approaches regarding their capability of supporting cost-efficient decisions without unnecessary security trade-offs, outline current fundamental problems in risk management based on industrial feedback and academic literature and provide potential solutions and research directions to address the identified problems. Despite decades of research, the information security risk management domain still faces numerous challenges which hinder risk managers from coming up with sound risk management results. Design/methodology/approach – To identify the challenges in information security risk management, existing approaches are compared against each other, and as a result, an abstracted methodology is derived to align the problem and solution identification to its generic phases. The challenges have been identified based on literature survey...
pacific rim international symposium on dependable computing | 2007
Bernhard Riedl; Veronika Grascher; Thomas Neubauer
Due to the cost pressure on the health care system an increase in the need for electronic healthcare records (EHR) could be observed in the last decade because EHRs promise massive savings by digitizing and centrally providing medical data. As highly sensitive patient information is exchanged and stored within such a system, legitimate concerns about the privacy of the stored data occur, as the lifelong storage of medical data is a promising target for attackers. These concerns and the lack of existing approaches that provide a sufficient level of security raise the need for a system that guarantees data privacy and keeps the access to health data under strict control of the patient. This paper introduces PIPE (Pseudonymization of Information for Privacy in e-Health), a new EHR architecture for primary and secondary usage of health data. PIPE's security model is based on pseudonymization instead of encryption.
Mobile devices (e.g., laptops, PDAs, cell phones) are increasingly relied on but are used in contexts that put them at risk of physical damage, loss or theft. This paper discusses the dependability evaluation of a cooperative backup service for mobile devices. Participating devices leverage encounters with other devices to temporarily replicate critical data. Permanent backups are created when the participating devices are able to access the fixed infrastructure. Several data replication and scattering strategies are presented, including the use of erasure codes. A methodology to model and evaluate them using Petri nets and Markov chains is described. We demonstrate that our cooperative backup service decreases the probability of data loss by a factor up to the ad hoc to Internet connectivity ratio.
availability, reliability and security | 2008
Thomas Neubauer; Johannes Heurix
Business processes are of major importance in today's business environments, and their unimpeded execution is crucial for a company's success. Since business processes are permanently exposed to a variety of threats, organizations are forced to pay attention to security issues. Although the security of business activities is widely recognized as important, business processes and security aspects are often developed separately and without considering different objectives. This paper proposes a methodology that supports corporate decision makers with the elicitation of security requirements based on business processes, for the analysis of threats and vulnerabilities, and for the selection of appropriate security measures.