From Security Modelling to Run-time Security Monitoring
نویسندگان
چکیده
In this paper we take the first steps from security modelling to runtime security monitoring. Providing full support for run-time security monitoring requires that following issues are solved: security concepts has to be defined in an unambiguous way, security level has to be defined and measured, and finally, software has to adapt itself based on measurements and requirements. This paper addresses the unambiguous definition of security by examining existing security ontologies. None of the existing ontologies is able to support run-time security monitoring as such, and there is a need to combine and widen these ontologies. In addition, this paper describes our vision how run-time security management can be achieved as the wholeness.
منابع مشابه
DyVSoR: dynamic malware detection based on extracting patterns from value sets of registers
To control the exponential growth of malware files, security analysts pursue dynamic approaches that automatically identify and analyze malicious software samples. Obfuscation and polymorphism employed by malwares make it difficult for signature-based systems to detect sophisticated malware files. The dynamic analysis or run-time behavior provides a better technique to identify the threat. In t...
متن کاملSecuring information flow via dynamic capture of dependencies
Although static systems for information flow security are well-studied, few works address run-time information flow monitoring. Run-time information flow control offers distinct advantages in precision and in the ability to support dynamically defined policies. To this end, we here develop a new run-time information flow system based on the run-time tracking of indirect dependencies between pro...
متن کاملSecurity Analysis of Lightweight Authentication Scheme with Key Agreement using Wireless Sensor Network for Agricultural Monitoring System
Wireless sensor networks have many applications in the real world and have been developed in various environments. But the limitations of these networks, including the limitations on the energy and processing power of the sensors, have posed many challenges to researchers. One of the major challenges is the security of these networks, and in particular the issue of authentication in the wireles...
متن کاملSecurity Challenges in Fog Computing in Healthcare
Background and Aim: The Fog Computing is a highly virtualized platform that provides storage, computing and networking services between the Cloud data centers and end devices. Fog computing fits the characteristics of real-time health monitoring systems. In such systems, a large amount of data is acquired from a multitude of bio and environmental sensors. On the other hand, its distribution and...
متن کاملEnterprise Models as Drivers for IT Security Management at Runtime
This paper describes how enterprise models can be made suitable for monitoring and controlling IT security at runtime. A holistic modeling method is proposed that extends enterprise models with runtime information, turning them into dashboards for managing security incidents and risks, and supporting decision making at runtime. The requirements of such a modeling method are defined and an exist...
متن کامل