The PoSecCo Security Decision Support System

Abstract

This paper presents the PoSecCo approach to policy refinement, that is, the problem of deriving the configurations for security controls from a set of high-level security requirements. This process is very important for the security and trustworthiness of the IT infrastructure, as confirmed by many studies that indicate it as the major cause of security breaches and availability problems. The PoSecCo project proposes an integrated system, named the PoSecCo Security Decision Support System (SDSS), that refines a high-level policy into a set of configurations for the security controls available in the information system. The SDSS assists administrators in all configuration generation phases: it guides them through the policy specification and refinement process, helping them make the right decisions, and, finally, automatically performs the refinement and analysis.


Author information

Corresponding author

Correspondence to Cataldo Basile.

Copyright information

© 2012 Springer Fachmedien Wiesbaden

About this chapter

Cite this chapter

Basile, C., Lioy, A., Paraboschi, S. (2012). The PoSecCo Security Decision Support System. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2012 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-00333-3_7

  • DOI: https://doi.org/10.1007/978-3-658-00333-3_7

  • Publisher Name: Springer Vieweg, Wiesbaden

  • Print ISBN: 978-3-658-00332-6

  • Online ISBN: 978-3-658-00333-3

  • eBook Packages: Computer Science, Computer Science (R0)
