The PoSecCo Security Decision Support System
This paper presents the PoSecCo approach to policy refinement, that is, the problem of deriving the configurations for the security controls from a set of high-level security requirements. This process is very important for the security and trustworthiness of the IT infrastructure, as confirmed by many studies that identify it as the major cause of security breaches and availability problems. The PoSecCo project proposes an integrated system that refines a high-level policy into a set of configurations for the security controls available in the information system. This system is named the PoSecCo Security Decision Support System (SDSS). The SDSS assists administrators in all the configuration generation phases: it guides them through the policy specification and refinement process, helps them make the right decisions, and, finally, automatically performs the refinement and analysis.
Keywords: Security Policy, Security Requirement, Access Control Policy, Security Control, Security Breach