Abstract : Threat knowledge-bases such as those maintained by MITRE and NIST provide a basis with which to mitigate known threats to an enterprise. These centralised knowledge-bases assume a global and uniform level of trust for all threat and countermeasure knowledge. However, in practice these knowledge-bases are composed of threats and countermeasures that originate from a number of threat providers, for example Bugtraq. As a consequence, threat knowledge consumers may only wish to trust knowledge about threats and countermeasures that have been provided by a particular provider or set of providers. In this paper, a trust management approach is taken with respect to threat knowledge-bases. This provides a basis with which to decentralize and delegate trust for knowledge about threats and their mitigation to one or more providers. Threat knowledge-bases are encoded as Semantic Threat Graphs. An ontology-based delegation scheme is proposed to manage trust across a model of distributed Semantic Threat Graph knowledge-bases.
Nora Cuppens-Boulahia; Frédéric Cuppens; Joaquin Garcia-Alfaro. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. Springer, Lecture Notes in Computer Science, LNCS-7371, pp.177-192, 2012, Data and Applications Security and Privacy XXVI. 〈10.1007/978-3-642-31540-4_14〉
https://hal.inria.fr/hal-01534768
Contributeur : Hal Ifip
<>
Soumis le : jeudi 8 juin 2017 - 11:06:32
Dernière modification le : vendredi 13 octobre 2017 - 17:08:42
Document(s) archivé(s) le : samedi 9 septembre 2017 - 12:51:04
Simon Foley, William Fitzgerald. Decentralized Semantic Threat Graphs. Nora Cuppens-Boulahia; Frédéric Cuppens; Joaquin Garcia-Alfaro. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. Springer, Lecture Notes in Computer Science, LNCS-7371, pp.177-192, 2012, Data and Applications Security and Privacy XXVI. 〈10.1007/978-3-642-31540-4_14〉. 〈hal-01534768〉
