Study on a Threat-Countermeasure Model Based on International Standard Information

Study on a Threat-Countermeasure Model Based on International Standard Information

Many international standards exist in the field of IT security. This research is based on the ISO/IEC 15408, 15446, 19791, 13335 and 17799 standards. In this paper, we propose a knowledge base comprising a threat countermeasure model based on international standards for identifying and specifying th...

Full description

Bibliographic Details
Main Authors: Guillermo Horacio Ramirez Caceres, Yoshimi Teshigawara
Format: Article
Language:English
Published: International Institute of Informatics and Cybernetics 2008-12-01
Series:Journal of Systemics, Cybernetics and Informatics
Subjects:
International Standards
Threat Model
Knowledge-Base
Security Control
Web Application
Online Access:http://www.iiisci.org/Journal/CV$/sci/pdfs/QS976RR.pdf
Description
Summary:Many international standards exist in the field of IT security. This research is based on the ISO/IEC 15408, 15446, 19791, 13335 and 17799 standards. In this paper, we propose a knowledge base comprising a threat countermeasure model based on international standards for identifying and specifying threats which affect IT environments. In addition, the proposed knowledge base system aims at fusing similar security control policies and objectives in order to create effective security guidelines for specific IT environments. As a result, a knowledge base of security objectives was developed on the basis of the relationships inside the standards as well as the relationships between different standards. In addition, a web application was developed which displays details about the most common threats to information systems, and for each threat presents a set of related security control policies from different international standards, including ISO/IEC 27002.
ISSN:1690-4524

Similar Items