Study on a Threat-Countermeasure Model Based on International Standard Information

Many international standards exist in the field of IT security. This research is based on the ISO/IEC 15408, 15446, 19791, 13335 and 17799 standards. In this paper, we propose a knowledge base comprising a threat countermeasure model based on international standards for identifying and specifying th...

Bibliographic Details
Main Authors: Guillermo Horacio Ramirez Caceres, Yoshimi Teshigawara
Format: Article
Language: English
Published: International Institute of Informatics and Cybernetics 2008-12-01
Series: Journal of Systemics, Cybernetics and Informatics
Subjects: International Standards; Threat Model; Knowledge-Base; Security Control; Web Application
Online Access: http://www.iiisci.org/Journal/CV$/sci/pdfs/QS976RR.pdf
id doaj-978073bed9824d48a8627419b82bbac8
record_format Article
spelling doaj-978073bed9824d48a8627419b82bbac8; 2020-11-25T00:27:17Z; eng; International Institute of Informatics and Cybernetics; Journal of Systemics, Cybernetics and Informatics; 1690-4524; 2008-12-01; 664247; Study on a Threat-Countermeasure Model Based on International Standard Information; Guillermo Horacio Ramirez Caceres (0), Yoshimi Teshigawara (1); Graduate School of Engineering, Soka University; Graduate School of Engineering, Soka University; Many international standards exist in the field of IT security. This research is based on the ISO/IEC 15408, 15446, 19791, 13335 and 17799 standards. In this paper, we propose a knowledge base comprising a threat countermeasure model based on international standards for identifying and specifying threats which affect IT environments. In addition, the proposed knowledge base system aims at fusing similar security control policies and objectives in order to create effective security guidelines for specific IT environments. As a result, a knowledge base of security objectives was developed on the basis of the relationships inside the standards as well as the relationships between different standards. In addition, a web application was developed which displays details about the most common threats to information systems, and for each threat presents a set of related security control policies from different international standards, including ISO/IEC 27002.; http://www.iiisci.org/Journal/CV$/sci/pdfs/QS976RR.pdf; International Standards; Threat Model; Knowledge-Base; Security Control; Web Application
collection DOAJ
language English
format Article
sources DOAJ
author Guillermo Horacio Ramirez Caceres
Yoshimi Teshigawara
publisher International Institute of Informatics and Cybernetics
series Journal of Systemics, Cybernetics and Informatics
issn 1690-4524
publishDate 2008-12-01
description Many international standards exist in the field of IT security. This research is based on the ISO/IEC 15408, 15446, 19791, 13335 and 17799 standards. In this paper, we propose a knowledge base comprising a threat countermeasure model based on international standards for identifying and specifying threats which affect IT environments. In addition, the proposed knowledge base system aims at fusing similar security control policies and objectives in order to create effective security guidelines for specific IT environments. As a result, a knowledge base of security objectives was developed on the basis of the relationships inside the standards as well as the relationships between different standards. In addition, a web application was developed which displays details about the most common threats to information systems, and for each threat presents a set of related security control policies from different international standards, including ISO/IEC 27002.
topic International Standards
Threat Model
Knowledge-Base
Security Control
Web Application
url http://www.iiisci.org/Journal/CV$/sci/pdfs/QS976RR.pdf