Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Combining defense graphs and enterprise architecture models for security analysis
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.ORCID iD: 0000-0003-3922-9606
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.ORCID iD: 0000-0002-3293-1681
2008 (English)In: Proceedings - 12th IEEE International Enterprise Distributed Object Computing Conference, EDOC 2008, 2008, 349-355 p.Conference paper, Published paper (Refereed)
Abstract [en]

Security is dependent on a mixture of interrelated concepts such as technical countermeasures, organizational policies, security procedures, and more. To facilitate rational decision making, these concepts need to be combined into an overall judgment on the current security posture, as well as potential future ones. Decision makers are, however, faced with uncertainty regarding both what countermeasures that is in place, and how well different countermeasures contribute to mitigating attacks. This paper presents a security assessment framework using the Bayesian statistics-based Extended Influence Diagrams to combine attack graphs with countermeasures into defense graphs. The approach makes it possible to calculate the probability that attacks succeed based on an enterprise architecture model. The framework also takes uncertainties of the security assessment into consideration. Moreover, using the extended influence diagram formalism the expected loss from each attack can be calculated.

Place, publisher, year, edition, pages
2008. 349-355 p.
Series
IEEE International Enterprise Distributed Object Computing (EDOC) Conference, ISSN 1541-7719
National Category
Computer and Information Science Production Engineering, Human Work Science and Ergonomics
Identifiers
URN: urn:nbn:se:kth:diva-36468DOI: 10.1109/EDOC.2008.37ISI: 000260405700036Scopus ID: 2-s2.0-56649088314ISBN: 978-0-7695-3373-5 (print)OAI: oai:DiVA.org:kth-36468DiVA: diva2:430879
Conference
12th IEEE International Enterprise Distributed Object Computing Munich, GERMANY, SEP 15-19, 2008
Note

QC 201550713

Available from: 2011-07-13 Created: 2011-07-12 Last updated: 2015-07-13Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Authority records BETA

Ekstedt, MathiasJohnson, Pontus

Search in DiVA

By author/editor
Sommestad, TeodorEkstedt, MathiasJohnson, Pontus
By organisation
Industrial Information and Control Systems
Computer and Information ScienceProduction Engineering, Human Work Science and Ergonomics

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 81 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf