A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2007; you can also visit the original URL.
The file type is application/pdf
.
Using CP-nets as a guide for countermeasure selection
2007
Proceedings of the 2007 ACM symposium on Applied computing - SAC '07
In this paper we present a qualitative approach for the selection of security countermeasures able to protect an IT system from attacks. For this purpose, we model security scenarios by using defense trees (an extension of attack trees) and preferences over countermeasure using Conditional Preference networks (CP-nets for short). In particular, we introduce two different methods for the composition of preferences: the and-composition and the or-composition. The first one is used to determine a
doi:10.1145/1244002.1244073
dblp:conf/sac/BistarelliFP07
fatcat:hrnlba7a4vd6bge5ivbzhxi4d4