Algorithms for finding patterns in strings
Handbook of theoretical computer science (vol. A)
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Information Security Policies and Procedures: A Practitioner's Reference, Second Edition
Information Security Policies and Procedures: A Practitioner's Reference, Second Edition
Policy-based dissemination of partial web-ontologies
Proceedings of the 2005 workshop on Secure web services
Securing web service by automatic robot detection
ATEC '06 Proceedings of the annual conference on USENIX '06 Annual Technical Conference
Identifying web spam with user behavior analysis
AIRWeb '08 Proceedings of the 4th international workshop on Adversarial information retrieval on the web
Web Spam Identification with User Browsing Graph
AIRS '09 Proceedings of the 5th Asia Information Retrieval Symposium on Information Retrieval Technology
EAIT '11 Proceedings of the 2011 Second International Conference on Emerging Applications of Information Technology
Journal of Network and Systems Management
| Hi-index | 0.00 |
An enterprise is composed of assets and their inter-relationships. These inter-relationships are manifested in the connection of hardware assets in network architecture, or in the installation of software or information assets in hardware. Policies are used to specify and control access to enterprise assets. Inter-relationships of assets, along with specified policies, can lead to managerial vulnerabilities in the enterprise information system. Threats may exploit these vulnerabilities to breach the security of sensitive assets. This paper discusses a methodology for the specification and validation of security policies for Enterprise Information Systems. The methodology captures enterprise information security requirements, helps specify security policies, detects managerial vulnerabilities and identifies threats to enterprise information systems.