Filters








318,273 Hits in 3.1 sec

A Security Incident Data Model [chapter]

Meletis A. Belsis, Nick Godwin, Leon Smalov
2002 IFIP Advances in Information and Communication Technology  
This paper presents a security incident data model. The model uses many of the existing security incident taxonomies to organise its security incident related information.  ...  Where characteristic of incidents is not covered by existing taxonomies some progress has been made in developing one. The proposed structure stores both management and technical information.  ...  In this paper we present a conceptual data model that can be used to organize information collected from security incidents.  ... 
doi:10.1007/978-0-387-35586-3_38 fatcat:thgcdojfnzd6xjfllmwhsfadcq

Adu, K.K. and Adjei, E. (2018). The phenomenon of data loss and cyber security issues in Ghana. Foresight, 20(2), 150–61. Ahmed, M.T.U., Bhuiya, N.I. and Rahman, M.M. (2017). A secure enterprise architecture focused on security and technology-transformation (SEAST), The 12th International Conference for Internet Technology and Secured Transactions, (ICITST-2017), Cambridge, UK, 11–4/12/2017. Alanazi, S.T., Anbar, M., Ebad, S.A., Karuppayah, S. and Al-Ani, H.A. (2020). Theory-based model and prediction analy ...

Emad Al Khoufi
2021 Basic and Applied Sciences - Scientific Journal of King Faisal University  
However, the incidence of myocardial infarction was greater in females (52%) compared to males (38%) (p<0.035).  ...  A significantly higher rate of diabetes was noted in females (62%) compared to males (48%) (p<0.012). Co-existing diabetes and hypertension was found in 70% of females as compared to 38% of males.  ...  Furthermore, females had a lower incidence of ischemic heart disease but a higher prevalence of myocardial infraction (52%) in comparison to the male subjects (38%); this difference is statistically significant  ... 
doi:10.37575/b/med/0038 fatcat:5h5phkn4jjfvfceg4xasfjxsmy

Discovering "unknown known" security requirements

Awais Rashid, Syed Asad Ali Naqvi, Rajiv Ramdhany, Matthew Edwards, Ruzanna Chitchyan, M. Ali Babar
2016 Proceedings of the 38th International Conference on Software Engineering - ICSE '16  
A number of theoretical security models are available that provide best practice security guidelines and are widely utilised as a basis to identify and operationalise security requirements.  ...  Such models often capture high-level security concepts (e.g., whitelisting, secure configurations, wireless access control, data recovery, etc.), strategies for operationalising such concepts through specific  ...  Such models offer high-level security concepts that can be used as a basis for security requirements.  ... 
doi:10.1145/2884781.2884785 dblp:conf/icse/RashidNRECB16 fatcat:wf2rm5l3wjhyrj2djxvpqk5j3q

Building an Enterprise it Security Management System [chapter]

Meletis A. Belsis, Leonid Smalov
2003 Security and Privacy in the Age of Uncertainty  
This paper presents the work in progress in developing an enterprise information security data model.  ...  Moving towards a knowledge economy, managing effectively and safely the corporate data is the key to an organisation's survival and success.  ...  Decomposing further the proposed enterprise IT security data model, an incident model was created.  ... 
doi:10.1007/978-0-387-35691-4_16 fatcat:ca4mnbgbojesze5yxnuxctvuc4

Factors Influencing the Adoption of Cloud Incident Handling Strategy: A Preliminary Study in Malaysia [article]

Nurul Hidayah Ab Rahman, Kim-Kwang Raymond Choo
2015 arXiv   pre-print
We propose a conceptual model that draws upon the Situation Awareness (SA) model and Protection Motivation Theory (PMT) to guide this research. 40 organisational cloud service users in Malaysia were surveyed  ...  We, therefore, suggest a successful adoption cloud incident handling strategy by organisational cloud service users involves the nexus between these four PMT factors.  ...  Acknowledgements The first author is currently a PhD student at the University of South Australia, supported by Ministry of Education, Malaysia (MOE) and University of Tun Hussein Onn Malaysia (UTHM).  ... 
arXiv:1505.02908v1 fatcat:yx2eg4bzd5fthkc7cnbafdyg4e

A Study on the Development of Next Generation Intelligent Integrated Security Management Model using Big Data Technology

Jeong Beom Kim
2015 International Journal of Security and Its Applications  
This new model technology can be a more enhanced approach than conventional security technology in terms of detection and response speed.  ...  Infrastructure for Information Security Model: The Infrastructure of security system should provide a security architecture, security development, adequately secured and configured system, user access  ...  International Journal of Security and Its Applications Vol. 9, No. 6 (2015) Copyright ⓒ 2015 SERSC  ... 
doi:10.14257/ijsia.2015.9.6.21 fatcat:oa6oxi6uljbp7isxc52tjrzkdm

Resilience as a New Enforcement Model for IT Security Based on Usage Control

Sven Wohlgemuth
2014 2014 IEEE Security and Privacy Workshops  
Usage control is the suitable security policy model, since it allows changes during run-time without conceptually raising additional incidents.  ...  With the goal of improving security and privacy, this work proposes adapting an IT security model and its enforcement to current and most probable incidents before they result in an unacceptable risk for  ...  I would like to thank Isao Echizen, Hiroshi Maruyama, Kazuhiro Minami, Günter Müller, Stefan Sackmann, Matthias Schunter, Noboru Sonehara, A Min Tjoa, and Michael Waidner for discussions and their comments  ... 
doi:10.1109/spw.2014.14 dblp:conf/sp/Wohlgemuth14 fatcat:bbc3ap4mz5btpptcdqk6ltcydi

An Asset to Security Modeling?

Andreas Poller, Sven Türpe, Katharina Kinder-Kurlanda
2014 Proceedings of the 2014 workshop on New Security Paradigms Workshop - NSPW '14  
We propose to model the stakeholder collaboration networks and to analyze scenarios of how security incidents affect relationships between stakeholders.  ...  Transmission factors characterizing a relationship help us to assess the impact of incidents. We apply the conventional method and our new approach to a case study and compare the results.  ...  This research was funded by the European Center for Security and Privacy by Design (EC-SPRIDE).  ... 
doi:10.1145/2683467.2683474 dblp:conf/nspw/PollerTK14 fatcat:uxtcnuih7najratvou4h3kmn7q

Data model extension for security event notification with dynamic risk assessment purpose

David Lopez, Oscar Pastor, Luis Javier Garcia Villalba
2013 Science China Information Sciences  
This data model aims to facilitate a global vision of information systems risk by supplying real-time security events data to risk assessment tools based on renowned methodologies.  ...  Data model extension for security event notification with dynamic risk assessment purpose.  ...  Ad hoc applications using these models are implemented in CERT environments. These efforts have raised the maturity level of the IODEF model close to a standard for IS security incidents.  ... 
doi:10.1007/s11432-013-5018-z fatcat:sg3suhfspjfzflnkapoqwukdvm

Workflow Based Security Incident Management [chapter]

Meletis A. Belsis, Alkis Simitsis, Stefanos Gritzalis
2005 Lecture Notes in Computer Science  
Currently, several security incident database models have been proposed and used.  ...  Our framework enhances the incident management process by allowing the law enforcement units to (a) collect the required evidence from incident data that are spread through a number of different incident  ...  The European project S2003 proposed a simple data model that can be used to build a library of security incidents [9] .  ... 
doi:10.1007/11573036_65 fatcat:jma6qff5tbeirndcjjx3z57os4

Predicting Cyber Threats with Virtual Security Products

Shang-Tse Chen, Yufei Han, Duen Horng Chau, Christopher Gates, Michael Hart, Kevin A. Roundy
2017 Proceedings of the 33rd Annual Computer Security Applications Conference on - ACSAC 2017  
Managed Security Service Providers (MSSP's), which are tasked with detecting security incidents on behalf of multiple customers, are confronted with these data quality issues, but also possess a wealth  ...  We use MSSP data to develop Virtual Product, which addresses the aforementioned data challenges by predicting what security events would have been triggered by a security product if it had been present  ...  PROPOSED MODEL: VIRTUAL PRODUCT Given a security product P, our Virtual Product model aims to detect and categorize incidents for customers who have not deployed P.  ... 
doi:10.1145/3134600.3134617 dblp:conf/acsac/ChenHCGHR17 fatcat:233cu5sdjzevvhvynrrgqar4ma

Security and privacy in business networking

Sven Wohlgemuth, Stefan Sackmann, Noboru Sonehara, A Min Tjoa
2014 Electronic Markets  
The articles of this special issue, which have been accepted after a double-blind peer review, contribute to this view on interdisciplinary security engineering in regard to the stages of security and  ...  This special issue on 'Security and Privacy in Business Networking' contributes to the journal 'Electronic Markets' by introducing a different view on achieving acceptable secure business networking applications  ...  an incident and its propagation to a secure ICT system is always possible.  ... 
doi:10.1007/s12525-014-0158-6 fatcat:bfo34xhhwnbbpkafvtitjqcruy

Challenges of information security incident learning: An industrial case study in a Chinese healthcare organization

Ying He, Chris Johnson
2017 Informatics for Health and Social Care  
Security incidents can have negative impacts on healthcare organisations and the security of medical records has become a primary concern of the public.  ...  In response to this case study, we suggest the security assurance modelling framework to address those obstacles.  ...  Ahmad [24, 25] proposed a double loop learning model and a dynamic security learning (DSL) process model to address this issue.  ... 
doi:10.1080/17538157.2016.1255629 pmid:28068150 fatcat:rvf244dfqfad7hyvsvgmiz7i5y

Towards the Development of an Integrated Incident Response Model for Database Forensic Investigation Field

Arafat Al-Dhaqm, Shukor Razak, Kamran Siddique, Richard Adeyemi Ikuesan, Victor R. Kebande
2020 IEEE Access  
INDEX TERMS Database security, database forensics investigation, database incident, pre-incident response, during-incident response, post-incident response. 145018 This work is licensed under a Creative  ...  As a result, this paper has proposed suitable steps of constructing and Integrated Incident Response Model (IIRM) that can be relied upon in the database forensic investigation field.  ...  Thus, a security policy is a specification of security requirements, usually specified based on some security model.  ... 
doi:10.1109/access.2020.3008696 fatcat:xjjlp7ikevgk3oi7jdghv2ki4m

A Comparative Assessment of Computer Security Incidence Handling

Uchenna Ani, Nneka Agbanusi
2014 British Journal of Mathematics & Computer Science  
This defines a shift from response to management of computer security incidents in anointer relationship manner that foster collaboration through the exchange and sharing of incidence management details  ...  management, as it provides an organised way of handling the aftermaths of a security breach.  ...  Security Coordination Model A Security Coordination Model for Inter-Organisational Information Incidents Response Forensic Process was proposed by [10] .  ... 
doi:10.9734/bjmcs/2014/11874 fatcat:n4v7ln5ymzck7lcojepcskgkv4
« Previous Showing results 1 — 15 out of 318,273 results