Decentralized Semantic Threat Graphs - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2012

Decentralized Semantic Threat Graphs

Simon N. Foley
  • Fonction : Auteur
  • PersonId : 1001643
William M. Fitzgerald
  • Fonction : Auteur
  • PersonId : 1010031

Résumé

Threat knowledge-bases such as those maintained by MITRE and NIST provide a basis with which to mitigate known threats to an enterprise. These centralised knowledge-bases assume a global and uniform level of trust for all threat and countermeasure knowledge. However, in practice these knowledge-bases are composed of threats and countermeasures that originate from a number of threat providers, for example Bugtraq. As a consequence, threat knowledge consumers may only wish to trust knowledge about threats and countermeasures that have been provided by a particular provider or set of providers. In this paper, a trust management approach is taken with respect to threat knowledge-bases. This provides a basis with which to decentralize and delegate trust for knowledge about threats and their mitigation to one or more providers. Threat knowledge-bases are encoded as Semantic Threat Graphs. An ontology-based delegation scheme is proposed to manage trust across a model of distributed Semantic Threat Graph knowledge-bases.
Fichier principal
Vignette du fichier
978-3-642-31540-4_14_Chapter.pdf (182.82 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-01534768 , version 1 (08-06-2017)

Licence

Paternité

Identifiants

Citer

Simon N. Foley, William M. Fitzgerald. Decentralized Semantic Threat Graphs. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. pp.177-192, ⟨10.1007/978-3-642-31540-4_14⟩. ⟨hal-01534768⟩
129 Consultations
88 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More