How to determine threat probabilities using ontologies and Bayesian networks
Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
Lightweight modeling and analysis of security concepts
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
An ontology- and Bayesian-based approach for determining threat probabilities
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Basis for an integrated security ontology according to a systematic review of existing proposals
Computer Standards & Interfaces
| Hi-index | 0.00 |
As companies are increasingly exposed to a variety of information security threats, they are permanently forced to pay attention to security issues. Risk management provides an effective approach for measuring the security through risk assessment, risk mitigation and evaluation. Existing risk management approaches are highly accepted but demand very detailed knowledge about the IT security domain and the actual company environment. This paper presents AURUM - a new methodology for supporting the NIST SP 800-30 risk management standard - and provides a comparison with the GSTool and CRISAM in order to highlight the benefits decision makers may expect when using AURUM.