Skip to main content
SpringerLink
Log in

A Knowledge-Based Tool to Support Clear Relationship between Threats and Countermeasures Based on International Standards

  • Conference paper
Challenges for Next Generation Network Operations and Service Management (APNOMS 2008)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 5297))

Included in the following conference series:

  • 1102 Accesses

Abstract

In this paper, we propose a web application for security policy management by using threats-countermeasure model based on international standards. The main objective of this research is to create a knowledge-base to identify and specify the threats that affect the IT environment. In addition, our proposed knowledge-base system intends to fuse similar security controls or objectives to create effectively a security guideline for a specific IT environment. This web application display a detail of the most common threats to the information systems, and for each threat, present a set of related security controls from different international standards including ISO/IEC 27002.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ISO/IEC 15408. Common Criteria for Information Technology Security Evaluation Part 1-3. Version 3 CCIMB-99-031 (August 1999)

    Google Scholar 

  2. ISO/IEC TR 15446. Information technology - Security techniques - Guide for the production of protection profiles and security targets (2004)

    Google Scholar 

  3. ISO/IEC TR 13335-1-5, Information technology - Guidelines for the management of IT Security

    Google Scholar 

  4. ISO/IEC 17799. Information technology - Code of practice for information security management (2000)

    Google Scholar 

  5. ISO/IEC 27001. Information technology - Security techniques - Information security management systems - Requirements (2005)

    Google Scholar 

  6. Ramirez Caceres, G.H., Teshigawara, Y.: Proposal of a Creation Method for Secure and Trusted IT Environment Based on Multiple International Standards. In: APNOMS 2006, Busan, Korea (September 2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Graduate School of Engineering, Soka University, 1-236 Tangi-cho, Hachioji, Tokyo, 192-8577, Japan

    Guillermo Horacio Ramirez Caceres & Yoshimi Teshigawara

Authors
  1. Guillermo Horacio Ramirez Caceres
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yoshimi Teshigawara
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Network Information Center, Beijing University of Posts and Telecommunications, 100876, Beijing, China

    Yan Ma

  2. School of Electronic & Computer Engineering, Chonnam National University, 500-757, Gwangju, Republic of Korea

    Deokjai Choi

  3. Graduate School of Engineering Osaka City University, 3–3–138 Sugimoto, Sumiyoshi-ku, 558–8585, Osaka, Japan

    Shingo Ata

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Caceres, G.H.R., Teshigawara, Y. (2008). A Knowledge-Based Tool to Support Clear Relationship between Threats and Countermeasures Based on International Standards. In: Ma, Y., Choi, D., Ata, S. (eds) Challenges for Next Generation Network Operations and Service Management. APNOMS 2008. Lecture Notes in Computer Science, vol 5297. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88623-5_67

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-88623-5_67

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-88622-8

  • Online ISBN: 978-3-540-88623-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation