Formal threat descriptions for enhancing governmental risk assessment

ACM International Conference Proceeding Series

Volumn 232, Issue , 2007, Pages 40-43

  Ekelhart, Andreas ^a   Fenz, Stefan ^a   Neubauer, Thomas ^a   Weippl, Edgar ^b  

^a Secure Business Austria   (Austria)

^b VIENNA UNIVERSITY OF TECHNOLOGY   (Austria)

Author keywords

Management; Security

Indexed keywords

FUTURE THREATS; GOVERNMENTAL INSTITUTION; GOVERNMENTAL SERVICES; IT INFRASTRUCTURES; IT SECURITY; IT SYSTEM; NATURAL DISASTERS; PHYSICAL LOCATIONS; PHYSICAL MODEL; PROTOTYPICAL IMPLEMENTATION; SOFTWARE CONFIGURATION; SOFTWARE VULNERABILITIES; TERROR ATTACKS; THREAT LEVELS;

COMPUTER SOFTWARE; DISASTERS; INFORMATION TECHNOLOGY; LEGACY SYSTEMS; MANAGEMENT INFORMATION SYSTEMS; ONTOLOGY; RISK ASSESSMENT; RISK MANAGEMENT;

SECURITY OF DATA;

EID: 77953791271     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1328057.1328067     Document Type: Conference Paper

References (9)

1. CERT/CC. Cert/cc statistics 1988-2006. http://www.cert.org/stats/, January 2007.
2. Commission of the European Communities. Communication from the commission to the council, the european parliament, the european economic and social committee and the committee of the regions 'i2010 - a european information society for growth and employment'. COM(2005) 229 final, June 2005.
3. A. Ekelhart, S. Fenz, M. Klemen, and E. Weippl. Security ontologies: Improving quantitative risk analysis. In 40th Hawaii International Conference on System Sciences (HICSS'07), pages 156-162, 2007. IEEE Computer Society.
4. S. Fenz, G. Goluch, A. Ekelhart, and E. Weippl. Information Security Fortification by Ontological Mapping of the ISO/IEC 27001 Standard. In 13th Pacific Rim International Symposium on Dependable Computing, PRDC2007. IEEE Computer Society, December 2007.
5. Hewlett-Packard Development Company. JENA semantic web framework. http://jena.sourceforge.net/, August 2007.
6. International Organization for Standardization and International Electrotechnical Commission. Iso/iec 27001:2005, information technology - security techniques - information security management systems requirements.
7. I. LLC. Nmap security scanner. http://insecure.org/nmap/, June 2007.
8. Microsoft Corporation. Windows server update services. http://www.microsoft.com/germany/windowsserver2003/technologien/updateservices/ default.mspx, June 2007.
9. NIST. An introduction to computer security - the nist handbook. Technical report, NIST (National Institute of Standardsand Technology), October 1995. Special Publication 800-12.