From Situation Awareness to Action: An Information Security Management Toolkit for Socio-technical Security Retrospective and Prospective Analysis

机译：从局势意识到行动：社会技术安全回顾和前瞻性分析的信息安全管理工具包

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Inspired by the root cause analysis procedures common in safety, we propose a methodology for a prospective and a retrospective analysis of security and a tool that implements it. When applied prospectively, the methodology guides analysts to assess socio-technical vulnerabilities in a system, helping them to evaluate their choices in designing security policies and controls. But the methodology works also retrospectively. It assists analysts in retrieving the causes of an observed socio-technical attack, guiding them to understand where the information security management of the system has failed. The methodology is tuned to find causes that root in the human-related factors that an attacher can exploit to execute its intrusion.

机译：灵感来自根本原因分析程序的安全性常见，我们提出了一种潜在的方法和回顾性的安全性和实现它的工具。在预期应用时，方法论会指导分析师在系统中评估社会技术漏洞，帮助他们在设计安全政策和控制方面评估他们的选择。但该方法还回顾性地工作。它协助分析师检索观察到的社会技术攻击的原因，指导他们了解系统的信息安全管理失败的位置。该方法被调整以发现原因是在人类相关的因素中root的原因，以便保持的人可以利用其侵入。

著录项

来源
《International Conference on Information Systems Security and Privacy》|2017年|1(CD-ROM)|共12页
会议地点
作者
Jean-Louis Huynen; Gabriele Lenzini;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP393.08-53;
关键词
Socio-technical Security; Information Security Management and Reasoning; Root Cause Analysis;

机译：社会技术安全;信息安全管理和推理;根本原因分析;

相似文献

外文文献
中文文献
专利

1. Relating Wiener's cybernetics aspects and a situation awareness model implementation for information security risk management [J] . Anjaria Kushal, Mishra Arun Kybernetes: The International Journal of Systems & Cybernetics . 2018,第1期

机译：有关Wiener的控制论方面和信息认证风险管理的情况
2. A situation awareness model for information security risk management [J] . Jeb Webb, Atif Ahmad, Sean B. Maynard, Computers & Security . 2014,第jula期

机译：信息安全风险管理的态势感知模型
3. Study of situation awareness of cultural security based on social media analysis [J] . Jianjun Li, Yonghui Dai, Qinghua Shi, International Journal of Distributed Sensor Networks . 2020,第1期

机译：基于社交媒体分析的文化安全状况认识研究
4. From Situation Awareness to Action: An Information Security Management Toolkit for Socio-technical Security Retrospective and Prospective Analysis [C] . Jean-Louis Huynen, Gabriele Lenzini International Conference on Information Systems Security and Privacy . 2017

机译：从局势意识到行动：社会技术安全回顾和前瞻性分析的信息安全管理工具包
5. Industrial control system cybersecurity situation awareness: A multiple case analysis. [D] . Leary, Mark Francis. 2011

机译：工业控制系统网络安全状况意识：多案例分析。
6. Novel Dutch Self-Assessment Biosecurity Toolkit to Identify Biorisk Gaps and to Enhance Biorisk Awareness [O] . Petra C. C. Sijnesael, Linda M. van den Berg, Diederik A. Bleijs, 2014

机译：新颖的荷兰自我评估生物安全工具包可识别生物风险缺口并增强生物风险意识
7. From Situation Awareness to Action: An Information Security Management Toolkit for Socio-Technical Security Retrospective and Prospective Analysis [O] . Huynen, Jean-Louis, Lenzini, Gabriele 2017

机译：从形势意识到行动：用于社会技术安全回顾和前瞻性分析的信息安全管理工具包

From Situation Awareness to Action: An Information Security Management Toolkit for Socio-technical Security Retrospective and Prospective Analysis

摘要

著录项

相似文献

相关主题

期刊订阅