Multi-objective decision support for IT security control selection

Elmar Kiesling; Andreas Ekelhart; Bernhard Grill; Christine Strauss; Christian Stummer

Multi-objective decision support for IT security control selection

Elmar Kiesling, Andreas Ekelhart, Bernhard Grill, Christine Strauss, Christian Stummer

Institut für Rechnungswesen, Innovation und Strategie

Veröffentlichungen: Beitrag in Buch › Beitrag in Konferenzband

Abstract

Identifying an optimal sets of security controls to protect complex information
systems is a challenging problem. The aim of the research project MOSES3 is to develop and implement a framework that supports decision-makers in this task. Our approach rests upon comprehensive modeling of security knowledge, dynamic attack tree generation techniques, discrete event simulation of sophisticated attacks that exploit emergent weaknesses, and multi-objective optimization of security
control portfolios. In our talk we outline the overall framework and present preliminary results.

Originalsprache	Englisch
Titel	EURO\|INFORMS 26th EUROPEAN CONFERENCE ON OPERATIONAL RESEARCH MMXIIRoME
Erscheinungsort	Rome, Italy
Seiten	253
Publikationsstatus	Veröffentlicht - 2013

ÖFOS 2012

102016 IT-Sicherheit
107007 Risikoforschung
101015 Operations Research

Schlagwörter

CMI
BWL

Zitationsweisen

@inproceedings{1018ce25bc384c79a335adf2613a0bf4,

title = "Multi-objective decision support for IT security control selection",

abstract = "Identifying an optimal sets of security controls to protect complex informationsystems is a challenging problem. The aim of the research project MOSES3 is to develop and implement a framework that supports decision-makers in this task. Our approach rests upon comprehensive modeling of security knowledge, dynamic attack tree generation techniques, discrete event simulation of sophisticated attacks that exploit emergent weaknesses, and multi-objective optimization of securitycontrol portfolios. In our talk we outline the overall framework and present preliminary results.",

keywords = "CMI, BWL",

author = "Elmar Kiesling and Andreas Ekelhart and Bernhard Grill and Christine Strauss and Christian Stummer",

year = "2013",

language = "English",

pages = "253",

booktitle = "EURO|INFORMS 26th EUROPEAN CONFERENCE ON OPERATIONAL RESEARCH MMXIIRoME",

}

TY - GEN

T1 - Multi-objective decision support for IT security control selection

AU - Kiesling, Elmar

AU - Ekelhart, Andreas

AU - Grill, Bernhard

AU - Strauss, Christine

AU - Stummer, Christian

PY - 2013

Y1 - 2013

N2 - Identifying an optimal sets of security controls to protect complex informationsystems is a challenging problem. The aim of the research project MOSES3 is to develop and implement a framework that supports decision-makers in this task. Our approach rests upon comprehensive modeling of security knowledge, dynamic attack tree generation techniques, discrete event simulation of sophisticated attacks that exploit emergent weaknesses, and multi-objective optimization of securitycontrol portfolios. In our talk we outline the overall framework and present preliminary results.

AB - Identifying an optimal sets of security controls to protect complex informationsystems is a challenging problem. The aim of the research project MOSES3 is to develop and implement a framework that supports decision-makers in this task. Our approach rests upon comprehensive modeling of security knowledge, dynamic attack tree generation techniques, discrete event simulation of sophisticated attacks that exploit emergent weaknesses, and multi-objective optimization of securitycontrol portfolios. In our talk we outline the overall framework and present preliminary results.

KW - CMI

KW - BWL

M3 - Contribution to proceedings

SP - 253

BT - EURO|INFORMS 26th EUROPEAN CONFERENCE ON OPERATIONAL RESEARCH MMXIIRoME

CY - Rome, Italy

ER -

Multi-objective decision support for IT security control selection

Abstract

ÖFOS 2012

Schlagwörter

Fingerprint

Zitationsweisen