Abstract
This paper presents the PoSecCo approach to policy refinement, that is, the problem of deriving the configurations for the security controls from a set of high-level security requirements. This process is very important for the security and trustworthiness of the IT infrastructure, as confirmed by many studies that identify it as the major cause of security breaches and availability problems. The PoSecCo project proposes an integrated system that refines a high-level policy into a set of configurations for the security controls available in the information system. This system is named the PoSecCo Security Decision Support System (SDSS). The SDSS assists the administrators in all the configuration generation phases: it guides them through the policy specification and refinement process, helping them to make the right decision, and, finally, automatically performs the refinement and analysis.
© 2012 Springer Fachmedien Wiesbaden
About this chapter
Cite this chapter
Basile, C., Lioy, A., Paraboschi, S. (2012). The PoSecCo Security Decision Support System. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2012 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-00333-3_7
DOI: https://doi.org/10.1007/978-3-658-00333-3_7
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-00332-6
Online ISBN: 978-3-658-00333-3
eBook Packages: Computer Science, Computer Science (R0)