_____________________________________________________________________
SUMMARY
This project aims to conceptualise and develop a quantitative method that will support organisations in making complex, multi-variable decisions when confronting information security threats. The proposed method is based on a framework that comprises ontological modelling of security knowledge, dynamic attack tree generation techniques, stochastic attack simulation, meta-heuristic identification of efficient portfolios, and interactive decision support.
_____________________________________________________________________
SOLUTIONS
- Designing a holistic evaluation and optimization method for examining the total effectiveness of all implemented safeguards
- Taking account, in the method design, of the given organisation’s information infrastructure, information assets and threat sources
- Relying on and developing heavyweight ontologies to represent detailed security knowledge and harness that knowledge through automated reasoning
_____________________________________________________________________
LINK: http://www.fwf.ac.at/en/abstracts/abstract.asp?L=E&PROJ=P23122
_____________________________________________________________________