Enterprise models as drivers for IT security management at runtime

Anat Goldstein, Sietse Overbeek

نتاج البحث: نشر في مجلةمقالة من مؤنمرمراجعة النظراء

ملخص

This paper describes how enterprise models can be made suitable for monitoring and controlling IT security at runtime. A holistic modeling method is proposed that extends enterprise models with runtime information, turning them into dashboards for managing security incidents and risks, and supporting decision making at runtime. The requirements of such a modeling method are defined and an existing enterprise modeling language is extended with relevant security concepts that also capture runtime information to satisfy these requirements. Subsequently, the resulting modeling method is evaluated against the previously defined requirements. It is also shown that common metamodeling frameworks are not suitable for implementing a modeling environment that re-sults in suitable IT security dashboards. This leads to suggesting implementation of the modeling environment using the eXecutable Modeling Facility.

اللغة الأصليةالإنجليزيّة
الصفحات (من إلى)79-88
عدد الصفحات10
دوريةCEUR Workshop Proceedings
مستوى الصوت1102
حالة النشرنُشِر - 2013
منشور خارجيًانعم
الحدثJoint 1st International Workshop on the Globalization of Modeling Languages, GEMOC 2013 and the 1st International Workshop: Towards the Model Driven Organization, AMINO 2013 - Co-located with the 16th International Conference on Model Driven Engineering Languages and Systems, MODELS 2013 - Miami, الولايات المتّحدة
المدة: ٢٩ سبتمبر ٢٠١٣٤ أكتوبر ٢٠١٣

بصمة

أدرس بدقة موضوعات البحث “Enterprise models as drivers for IT security management at runtime'. فهما يشكلان معًا بصمة فريدة.

قم بذكر هذا