The Experts below are selected from a list of 36447 Experts worldwide ranked by ideXlab platform
Edgar Weippl - One of the best experts on this subject based on the ideXlab platform.
-
ontology based business knowledge for simulating threats to Corporate Assets
Practical Aspects of Knowledge Management, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Min A Tjoa, Edgar WeipplAbstract:We propose a security ontology, to provide a solid base for an applicable and holistic IT-Security approach for SMEs, enabling low-cost threat analysis. Based on the taxonomy of computer security and dependability by Landwehr [ALRL04] and the threat classification according to Peltier [Pel01], a heavy-weight ontology can be used to organize and systematically structure knowledge on threats, safeguards, and Assets. The ontology is used in an organization to capture business knowledge required for and created during a security risk analysis where instances of concepts are added to the ontology to allow the simulation of different attack and disaster scenarios. Each scenario can be replayed with a different protection profile as to evaluate the effectiveness and the cost/benefit ratio of individual safeguards.
-
Security ontology : Simulating threats to Corporate Assets
Lecture Notes in Computer Science, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Edgar WeipplAbstract:Threat analysis and mitigation, both essential for Corporate security, are time consuming, complex and demand expert knowledge. We present an approach for simulating threats to Corporate Assets, taking the entire infrastructure into account. Using this approach effective countermeasures and their costs can be calculated quickly without expert knowledge and a subsequent security decisions will be based on objective criteria. The ontology used for the simulation is based on Landwehr's [ALRL04] taxonomy of computer security and dependability.
-
ICISS - Security ontology: simulating threats to Corporate Assets
Information Systems Security, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Edgar WeipplAbstract:Threat analysis and mitigation, both essential for Corporate security, are time consuming, complex and demand expert knowledge. We present an approach for simulating threats to Corporate Assets, taking the entire infrastructure into account. Using this approach effective countermeasures and their costs can be calculated quickly without expert knowledge and a subsequent security decisions will be based on objective criteria. The ontology used for the simulation is based on Landwehr's [ALRL04] taxonomy of computer security and dependability.
Andreas Ekelhart - One of the best experts on this subject based on the ideXlab platform.
-
ontology based business knowledge for simulating threats to Corporate Assets
Practical Aspects of Knowledge Management, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Min A Tjoa, Edgar WeipplAbstract:We propose a security ontology, to provide a solid base for an applicable and holistic IT-Security approach for SMEs, enabling low-cost threat analysis. Based on the taxonomy of computer security and dependability by Landwehr [ALRL04] and the threat classification according to Peltier [Pel01], a heavy-weight ontology can be used to organize and systematically structure knowledge on threats, safeguards, and Assets. The ontology is used in an organization to capture business knowledge required for and created during a security risk analysis where instances of concepts are added to the ontology to allow the simulation of different attack and disaster scenarios. Each scenario can be replayed with a different protection profile as to evaluate the effectiveness and the cost/benefit ratio of individual safeguards.
-
Security ontology : Simulating threats to Corporate Assets
Lecture Notes in Computer Science, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Edgar WeipplAbstract:Threat analysis and mitigation, both essential for Corporate security, are time consuming, complex and demand expert knowledge. We present an approach for simulating threats to Corporate Assets, taking the entire infrastructure into account. Using this approach effective countermeasures and their costs can be calculated quickly without expert knowledge and a subsequent security decisions will be based on objective criteria. The ontology used for the simulation is based on Landwehr's [ALRL04] taxonomy of computer security and dependability.
-
ICISS - Security ontology: simulating threats to Corporate Assets
Information Systems Security, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Edgar WeipplAbstract:Threat analysis and mitigation, both essential for Corporate security, are time consuming, complex and demand expert knowledge. We present an approach for simulating threats to Corporate Assets, taking the entire infrastructure into account. Using this approach effective countermeasures and their costs can be calculated quickly without expert knowledge and a subsequent security decisions will be based on objective criteria. The ontology used for the simulation is based on Landwehr's [ALRL04] taxonomy of computer security and dependability.
Markus Klemen - One of the best experts on this subject based on the ideXlab platform.
-
ontology based business knowledge for simulating threats to Corporate Assets
Practical Aspects of Knowledge Management, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Min A Tjoa, Edgar WeipplAbstract:We propose a security ontology, to provide a solid base for an applicable and holistic IT-Security approach for SMEs, enabling low-cost threat analysis. Based on the taxonomy of computer security and dependability by Landwehr [ALRL04] and the threat classification according to Peltier [Pel01], a heavy-weight ontology can be used to organize and systematically structure knowledge on threats, safeguards, and Assets. The ontology is used in an organization to capture business knowledge required for and created during a security risk analysis where instances of concepts are added to the ontology to allow the simulation of different attack and disaster scenarios. Each scenario can be replayed with a different protection profile as to evaluate the effectiveness and the cost/benefit ratio of individual safeguards.
-
Security ontology : Simulating threats to Corporate Assets
Lecture Notes in Computer Science, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Edgar WeipplAbstract:Threat analysis and mitigation, both essential for Corporate security, are time consuming, complex and demand expert knowledge. We present an approach for simulating threats to Corporate Assets, taking the entire infrastructure into account. Using this approach effective countermeasures and their costs can be calculated quickly without expert knowledge and a subsequent security decisions will be based on objective criteria. The ontology used for the simulation is based on Landwehr's [ALRL04] taxonomy of computer security and dependability.
-
ICISS - Security ontology: simulating threats to Corporate Assets
Information Systems Security, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Edgar WeipplAbstract:Threat analysis and mitigation, both essential for Corporate security, are time consuming, complex and demand expert knowledge. We present an approach for simulating threats to Corporate Assets, taking the entire infrastructure into account. Using this approach effective countermeasures and their costs can be calculated quickly without expert knowledge and a subsequent security decisions will be based on objective criteria. The ontology used for the simulation is based on Landwehr's [ALRL04] taxonomy of computer security and dependability.
Stefan Fenz - One of the best experts on this subject based on the ideXlab platform.
-
How to Assess Confidentiality Requirements of Corporate Assets?
2014Co-Authors: Gabriela Cervantes, Stefan FenzAbstract:Confidentiality is an important property that organizations relying on information technology have to preserve. The purpose of this work is to provide a structured approach for identifying confidentiality requirements. A key step in the information security risk management process is the determination of the impact level arisen from a loss of confidentiality, integrity or availability. We deal here with impact level determination regarding confidentiality by proposing a method to calculate impact levels based on the different kind of consequences typically arisen from threats. The proposed approach assesses the impact arisen from confidentiality losses on different areas separately and uses a parameterized model that allows organizations to adjust it according to their specific needs. A validation of the developed approach has been conducted in a small software development company.
-
SEC - How to Assess Confidentiality Requirements of Corporate Assets
ICT Systems Security and Privacy Protection, 2014Co-Authors: Gabriela Varona Cervantes, Stefan FenzAbstract:Confidentiality is an important property that organizations relying on information technology have to preserve. The purpose of this work is to provide a structured approach for identifying confidentiality requirements. A key step in the information security risk management process is the determination of the impact level arisen from a loss of confidentiality, integrity or availability. We deal here with impact level determination regarding confidentiality by proposing a method to calculate impact levels based on the different kind of consequences typically arisen from threats. The proposed approach assesses the impact arisen from confidentiality losses on different areas separately and uses a parameterized model that allows organizations to adjust it according to their specific needs. A validation of the developed approach has been conducted in a small software development company.
-
ontology based business knowledge for simulating threats to Corporate Assets
Practical Aspects of Knowledge Management, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Min A Tjoa, Edgar WeipplAbstract:We propose a security ontology, to provide a solid base for an applicable and holistic IT-Security approach for SMEs, enabling low-cost threat analysis. Based on the taxonomy of computer security and dependability by Landwehr [ALRL04] and the threat classification according to Peltier [Pel01], a heavy-weight ontology can be used to organize and systematically structure knowledge on threats, safeguards, and Assets. The ontology is used in an organization to capture business knowledge required for and created during a security risk analysis where instances of concepts are added to the ontology to allow the simulation of different attack and disaster scenarios. Each scenario can be replayed with a different protection profile as to evaluate the effectiveness and the cost/benefit ratio of individual safeguards.
-
Security ontology : Simulating threats to Corporate Assets
Lecture Notes in Computer Science, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Edgar WeipplAbstract:Threat analysis and mitigation, both essential for Corporate security, are time consuming, complex and demand expert knowledge. We present an approach for simulating threats to Corporate Assets, taking the entire infrastructure into account. Using this approach effective countermeasures and their costs can be calculated quickly without expert knowledge and a subsequent security decisions will be based on objective criteria. The ontology used for the simulation is based on Landwehr's [ALRL04] taxonomy of computer security and dependability.
-
ICISS - Security ontology: simulating threats to Corporate Assets
Information Systems Security, 2006Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Edgar WeipplAbstract:Threat analysis and mitigation, both essential for Corporate security, are time consuming, complex and demand expert knowledge. We present an approach for simulating threats to Corporate Assets, taking the entire infrastructure into account. Using this approach effective countermeasures and their costs can be calculated quickly without expert knowledge and a subsequent security decisions will be based on objective criteria. The ontology used for the simulation is based on Landwehr's [ALRL04] taxonomy of computer security and dependability.
John J. Mcconnell - One of the best experts on this subject based on the ideXlab platform.
-
Sheltering Corporate Assets from Political Extraction
Journal of Law Economics and Organization, 2011Co-Authors: Lorenzo Caprio, Mara Faccio, John J. McconnellAbstract:We hypothesize that firms structure their asset holdings so as to shelter Assets from extraction by politicians and bureaucrats. In countries where the threat of political extraction is higher, we hypothesize that firms hold a lower fraction of their Assets in liquid form. Consistent with this conjecture, using data representing over 30,000 firms across 109 countries, we find that Corporate holdings of liquid Assets are negatively correlated with measures of political corruption. Further, annual investment in property, plant, equipment, and inventory plus dividends is positively correlated with measures of political corruption suggesting that owners channel their cash into harder to extract Assets. To the extent that the threat of political extraction moves firms away from their otherwise optimal levels of liquid Assets, our findings suggest that the threat of political extraction may reduce economic development not only through the direct costs of political payoffs but also because the potential for asset extraction moves firms away from their otherwise optimal asset holdings. The Author 2011. Published by Oxford University Press on behalf of Yale University. All rights reserved. For Permissions, please email: journals.permissions@oup.com, Oxford University Press.
-
Sheltering Corporate Assets from Political Extraction
2010Co-Authors: Lorenzo Caprio, Mara Faccio, John J. McconnellAbstract:We hypothesize that firms structure their asset holdings so as to shelter Assets from extraction by politicians and bureaucrats. In countries where the threat of political extraction is higher, we hypothesize that firms hold a lower fraction of their Assets in liquid form. Consistent with this conjecture, using data for over 30,000 firms across 109 countries, we find that Corporate holdings of liquid Assets are negatively correlated with measures of political corruption. Further, annual investment in property, plant, equipment, and inventory plus dividends is positively correlated with measures of political corruption suggesting that owners channel their cash into harder to extract Assets. To the extent that the threat of political extraction moves firms away from their otherwise optimal levels of liquid Assets, our findings suggest that the threat of political extraction may reduce economic development not only through the direct costs of political payoffs, but also because the potential for asset extraction moves firms away from their otherwise optimal asset holdings.
-
Sheltering Corporate Assets from Political Extraction
SSRN Electronic Journal, 2008Co-Authors: Lorenzo Caprio, Mara Faccio, John J. McconnellAbstract:We hypothesize that firms structure their asset holdings so as to shelter Assets from extraction by politicians and bureaucrats. Specifically, in countries where the threat of political extraction is higher, we hypothesize that firms will hold a lower fraction of their Assets in liquid form. Consistent with this conjecture, using firm-level data from 109 countries, we find that, across countries, Corporate holdings of cash and marketable securities are negatively correlated with measures of political corruption. Further, we find that annual investment in property, plant, equipment, and inventory plus dividends is positively correlated with the measures of corruption suggesting that owners channel their cash into harder to extract Assets. To the extent that this deployment of Assets is less efficient than would occur in the absence of the threat of political extraction, Corporate sheltering of Assets may represent a channel through which corruption reduces economic growth.
