Skip to Main content Skip to Navigation
Conference papers

Decentralized Semantic Threat Graphs

Abstract : Threat knowledge-bases such as those maintained by MITRE and NIST provide a basis with which to mitigate known threats to an enterprise. These centralised knowledge-bases assume a global and uniform level of trust for all threat and countermeasure knowledge. However, in practice these knowledge-bases are composed of threats and countermeasures that originate from a number of threat providers, for example Bugtraq. As a consequence, threat knowledge consumers may only wish to trust knowledge about threats and countermeasures that have been provided by a particular provider or set of providers. In this paper, a trust management approach is taken with respect to threat knowledge-bases. This provides a basis with which to decentralize and delegate trust for knowledge about threats and their mitigation to one or more providers. Threat knowledge-bases are encoded as Semantic Threat Graphs. An ontology-based delegation scheme is proposed to manage trust across a model of distributed Semantic Threat Graph knowledge-bases.
Document type :
Conference papers
Complete list of metadata
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, June 8, 2017 - 11:06:32 AM
Last modification on : Monday, June 15, 2020 - 1:38:03 PM
Long-term archiving on: : Saturday, September 9, 2017 - 12:51:04 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Simon N. Foley, William M. Fitzgerald. Decentralized Semantic Threat Graphs. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. pp.177-192, ⟨10.1007/978-3-642-31540-4_14⟩. ⟨hal-01534768⟩



Record views


Files downloads