Intrusion detection requirements enforced by Intrusion Detection Systems (IDSs) are generally considered independently from the rest of the security policy. Our approach is to consider that intrusion detection requirements are actually part of the access control policy. This provides a means to formally specify, in a reaction policy, what should happen in case of intrusion. It is then possible to integrate these requirements into a deployment process in order to automatically configure security components. In this paper, we propose a contextual and ontology-based approach to express and instantiate this reaction policy. We then define a reaction process based on the concepts of dynamic threat organisation and threat contexts, together with a set of rules that map alerts onto threat contexts in order to instantiate the policy-based reaction in response to the detected intrusion.