Risk Assessment Driven Use of Advanced SIEM Technology for Cyber Protection of Critical e-Health Processes

2021 ◽  
Vol 3 (1) ◽  
Author(s):  
Luigi Coppolino ◽  
Luigi Sgaglione ◽  
Salvatore D’Antonio ◽  
Mario Magliulo ◽  
Luigi Romano ◽  
...  

Abstract: The approach presented in this paper provides effective protection of critical business processes by applying advanced SIEM technology in a rigorous fashion, based on the results of accurate risk assessment. The proposed SIEM tool advances the State of The Art of the technology along two axes, specifically: privacy and integrity. The advancements are achieved via combined use of two of the most promising technologies for trusted computing, namely: Trusted Execution Environment (TEE) and Homomorphic Encryption (HE). The approach is validated with respect to a real use case of a Smart Hospital (i.e., one where IT is massively used), with challenging security requirements. The use case is contributed by one of the major public hospitals in Italy. Experiments demonstrate that, by relying on continuous monitoring of security relevant events and advanced correlation techniques, the SIEM solution proposed in this work effectively protects the critical workflows of the hospital business processes from cyber-attacks with high impact (specifically: serious harm to or even death of the patient).

2020 ◽  
Vol 10 (2) ◽  
pp. 1-4
Author(s):  
Ashok Kumar

The business continuity plan and strategy provide effective solutions to Multi-cloud and Microservice approach. The business continuity plan helps to maintain backup and disaster recovery. It ensures continuous business processes during disasters and emergencies. The business continuity planning methods include risk assessment, impact analysis, and entire business continuity strategies.


2021 ◽  
Author(s):  
Mostefa Kara ◽  
Abdelkader Laouid ◽  
Mohammed Amine Yagoub ◽  
Reinhardt Euler ◽  
Saci Medileh ◽  
...  

2009 ◽  
Vol 23 (1) ◽  
pp. 97-118 ◽  
Author(s):  
Diane Janvrin ◽  
James Bierstaker ◽  
D. Jordan Lowe

ABSTRACT: We provide data on the extent to which computer-related audit procedures are used and whether two factors, control risk assessment and audit firm size, influence computer-related audit procedures use. We used a field-based questionnaire to collect data from 181 auditors representing Big 4, national, regional, and local firms. Results indicate that computer-related audit procedures are generally used when obtaining an understanding of the client system and business processes and testing computer controls. Furthermore, 42.9 percent of participants indicate that they relied on internal controls; however, this percentage increases significantly for auditors at Big 4 firms. Finally, our results raise questions for future research regarding computer-related audit procedure use.


2018 ◽  
Vol 26 (4) ◽  
pp. 472-490 ◽  
Author(s):  
Nikolaos Argyropoulos ◽  
Konstantinos Angelopoulos ◽  
Haralambos Mouratidis ◽  
Andrew Fish

Purpose: The selection of security configurations for complex information systems is a cumbersome process. Decision-making regarding the choice of security countermeasures has to take into consideration a multitude of, often conflicting, functional and non-functional system goals. Therefore, a structured method to support crucial security decisions during a system’s design that can take account of risk whilst providing feedback on the optimal decisions within specific scenarios would be valuable. Design/methodology/approach: Secure Tropos is a well-established security requirements engineering methodology, but it has no concepts of Risk, whilst Constrained Goal Models are an existing method to support relevant automated reasoning tasks. Hence we bridge these methods, by extending Secure Tropos to incorporate the concept of Risk, so that the elicitation and analysis of security requirements can be complemented by a systematic risk assessment process during a system’s design time and supporting the reasoning regarding the selection of optimal security configurations with respect to multiple system objectives and constraints, via constrained goal models. Findings: As a means of conceptual evaluation, to give an idea of the applicability of the approach and to check if alterations may be desirable, a case study of its application to an e-government information system is presented. The proposed approach is able to generate security mechanism configurations for multiple optimisation scenarios that are provided, whilst there are limitations in terms of a natural trade-off of information levels of risk assessment that are required to be elicited. Originality/value: The proposed approach adds additional value via its flexibility in permitting the consideration of different optimisation scenarios by prioritising different system goals and the automated reasoning support.


2021 ◽  
Vol 53 (1) ◽  
pp. 63-74
Author(s):  
DMITRIY A. BACHMANOV ◽  
ANDREY R. OCHEREDKO ◽  
MICHAEL M. PUTYATO ◽  
ALEXANDER S. MAKARYAN ◽  
...  

The article presents the results of an analysis of the growth in the development of botnet networks and new cyber threats when they are used by cybercriminals. A review and comparison of the models for the implementation of botnet networks is carried out, as a result of which there are two main types. The main types of attacks carried out using the infrastructure of distributed computer networks are identified and classified, formed into 7 main groups, taking into account the relevance, prevalence and amount of damage. Based on the results of the analysis, it was determined that the most widespread and relevant type of attack is “Denial of Service”. The article presents a classification of services that ensure the protection of network resources from distributed attacks of the “Denial of Service” type, by the type of deployment, the level of security and the types of services provided. The comparison criteria are given taking into account their infrastructure, availability of technical support and a test period, available types of protection, capabilities, additional options, notification and reporting, as well as licensing. A way to integrate the DDoS-Guard Protection service with an additional module at the application level is practically implemented and shown, which made it possible to expand the methods of protection against DDoS attacks. Various modifications of the combined use of the module and the modified system make it possible to increase the expected level of detection and prevention of cyber-attacks.


Author(s):  
Prashant Kumar Patra ◽  
Padma Lochan Pradhan

Access control is a mechanism by which a system grants or revokes the right to access an object. The subject and object are able to integrate, synchronize, communicate and optimize through read, write and execute over a UFS. The access control mechanism is the process of mediating each and every request to system resources, application and data maintained by an operating system and determining whether the request should be approved, created, granted or denied as per top management policy. The AC mechanism, management and decision are enforced by implementing regulations established by a security policy. The management has to investigate the basic concepts behind access control design and enforcement and point out different security requirements that may need to be taken into consideration. The authors have to formulate and implement several ACMs, normalizing and optimizing them step by step, as highlighted in the proposed model for development and production purposes. This research paper contributes to the development of an optimization model that aims to determine the optimal cost and time and maximize the quality of services to be invested into the security model and mechanisms, deciding on the measure components of UFS. This model has to apply to ACM utilities over a Web portal server in an object-oriented and distributed environment. This ACM will resolve the uncertainty, un-order, un formal and unset up (U^4) problems of the web portal at the right time and right place, anywhere and anytime around the globe. It will be more measurable and accountable for performance, fault tolerance, throughput, benchmarking and risk assessment on any application.


Author(s):  
Muthu Ramachandran

This real-world case study has been used to demonstrate the best practices on business process modelling and component based design for developing cloud services with Build Security In (BSI). BSI techniques, strategies, and processes presented in this article are general systems security principles and are applicable for both a cloud environment and traditional environment (non-cloud environment). The significant contribution of this research is to illustrate the application of the extended system security method known as SysSQUARE to elicit security requirements, identify security threats of data, as well as integrating build-in security techniques by modelling and simulating business processes upfront in the systems development life cycle.


2019 ◽  
pp. 43-61
Author(s):  
D. Elaine Pressman ◽  
Cristina Ivan

This chapter introduces a new approach to the risk assessment for violent extremism that is focused on cyber-related behaviour and content. The Violent Extremist Risk Assessment (VERA-2) protocol, used internationally, is augmented by an optional cyber-focused risk indicator protocol referred to as CYBERA. The risk indicators of CYBERA are elaborated and the application of CYBERA, conjointly with the VERA-2 risk assessment protocol, is described. The combined use of the two tools provides (1) a robust and cyber-focused risk assessment intended to provide early warning indicators of violent extremist action, (2) provides consistency and reliability in risk and threat assessments, (3) determines risk trajectories of individuals, and (4) assists intelligence and law enforcement analysts in their national security investigations. The tools are also relevant for use by psychologists, psychiatrists, communication analysts and provide relevant information that supports Terrorism Prevention Programs (TPP) and countering violent extremism (CVE) initiatives.

