Papers by Wolfgang Boehmer
Handbook of Research on Emerging Developments in Data Privacy, 2000
Technologies and Applied Solutions, 2000
Lecture Notes in Computer Science, 2013
2011 IEEE Third Int'l Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third Int'l Conference on Social Computing, 2011
In the development of individual security concepts, risk-based information security management sy... more In the development of individual security concepts, risk-based information security management systems (ISMS) according to ISO 27001 have established themselves in addition to policies in the field of IT infrastructures. Particularly in the field of critical infrastructures, however, it has been shown that despite functioning security concepts, the Stuxnet virus was able to spread through industrial systems (infection). Neverthelessthe existing security concepts are not useless, but rarely take effect in behavioral risk. In this paper, we use the Trust/Investor game of the Game Theory to analyze the infection path. In general, the infection path is one game in a complex multi layer game. As a result, based on a Nash equilibrium, a cooperative solution is proposed to arm the existing IT security concepts against such infections.
2008 Second International Conference on Emerging Security Information, Systems and Technologies, 2008
The ISO27001:2005, as an information security management system (ISMS), is establishing itself mo... more The ISO27001:2005, as an information security management system (ISMS), is establishing itself more and more as the security standard in enterprises. In 2008 more than 4457 certified enterprises could be registered worldwide 1 . Nevertheless, the registering an ISMS still says nothing about the quality and performance of its implementation. Therefore, in this article, a method for measuring the performance of the implementation and operation of an ISMS is presented.
Lecture Notes in Computer Science, 2014
In this short article, a proposal to simulate a sophisticated attack on a technical infrastructur... more In this short article, a proposal to simulate a sophisticated attack on a technical infrastructure is discussed. Attacks on (critical) infrastructures can be modeled with attack trees, but regular (normal) attack trees have some limitation in the case of a sophisticated attack like an advanced persistent (sophisticated) attack. Furthermore, attacks can also be simulated to understand the type of attack, and in order to subsequently develop targeted countermeasures. In this case, a normal, and also a sophisticated attack, is typically carried out in three phases. In the first phase (I) extensive information is gathered about the target object. In the second phase (II), the existing information is verified with a target object scan. In the third phase (III), the actual attack takes place. A normal attack tree is not able to explain this kind of attack behavior. So, we advanced a normal attack tree, which uses conditional probability according to Bayes to go through a certain path -step by step -from the leaf to the root. The learning ability, which typically precedes an attack (phase II), is simulated using a genetic algorithm.
2010 10th IEEE International Conference on Computer and Information Technology, 2010
The limits of traditional (static) policies are wellknown in many areas of computer science and i... more The limits of traditional (static) policies are wellknown in many areas of computer science and information security, and are extensively discussed in the literature. Although some flexibility has been achieved with the introduction of dynamic policies, these efforts have only addressed a fraction of the requirements necessary to secure today's enterprises. Currently, no feedback mechanisms are in place to evaluate the effectiveness or economic impacts of static or dynamic policy implementation. Here, we address the requirement for feedback and present a policy for the next generation. This is a policy that includes a dynamic feedback response to the effectiveness of changes. The structure of this new type of policy, called a "management system", is borrowed from discrete event system (DES) theory and functions as a control loop. A management system consists of four elements (control system, sensor, controller, and actuator) that are involved in a control law. Two types of management system can be defined. A simple management system (1 st order management system) responds to and regulates only perturbations. An advanced management system (2 nd order management system) has an overarching target function that influences the controller. This target function is usually economically oriented. Finally, we compare our new type of policy with two management systems that follows the Plan-Do-Check-Act (PDCA cycle) model. We investigate the two PDCA cycle standards ISO/IEC 27001 (Information Security Management System, ISMS) and BS 25999 (Business Continuity Management System, BCMS). We also show that the new type of policy can be applied to management systems based on a PDCA cycle.
2009 Third International Conference on Emerging Security Information, Systems and Technologies, 2009
In this paper, a new model is presented for evaluating the performance of a Business Continuity M... more In this paper, a new model is presented for evaluating the performance of a Business Continuity Management System according to BS 25999. This model is able to calculate the survivability ex-ante if the key performance indicator for the effectiveness exists. Performance is based fundamentally on the system's Business Continuity Plans and Disaster Recovery Plans. Typically, the performance of these plans is evaluated by a number of specific exercises at various intervals and, in many cases, with a variety of targets. Furthermore, these specific exercises are rerun after a longer period (≥ a year) and then often only partially. If a company is interested in taking performance measurements over a shorter period, obstacles and financial restrictions are often encountered. Furthermore, it is difficult for companies to give an ex-ante statement of their survival in the case of a disaster. Two key performance indicators are presented that allow the performance of a Business Continuity Management System to be evaluated according to BS 25999. Using these key performance indicators, the probability of survival can be estimated before extreme events occur.
2010 24th IEEE International Conference on Advanced Information Networking and Applications, 2010
Whether programs are called data loss prevention, content monitoring and filtering, employee acti... more Whether programs are called data loss prevention, content monitoring and filtering, employee activity monitoring, counter corruption, insider trading, or fraud detection, organizations have increasingly implemented projects and initiatives to examine and address insider threats. Insider-perpetrated computer crime is committed by individuals who have permission to use a system, and it is, therefore, based on the actions of trusted users. Most information walks out the front door, not through the firewall.
2010 Fourth International Conference on Emerging Security Information, Systems and Technologies, 2010
In an effort to enhance enterprise security, three standard management systems have been establis... more In an effort to enhance enterprise security, three standard management systems have been established as applications of the Deming cycle: the Information Security Management System (ISMS) in accordance with the ISO 27001 standard, the Business Continuity Management System (BCM) in accordance with the BS 25999 standard and the Information Technology Service Management System (ITSM) in accordance with the ISO 20000 standard. These three management systems have been developed to operate independent of one another, but are often used together within a given company. It can be shown that management systems modeled after the Deming cycle behave as bisimulations with dynamic feedback policies and can be expressed formally as control circuits within the Discrete Event Systems (DES) theory. In this article, we present an analytical description of the optimal structure through which the three management systems (ISMS, BCMS, and ITSM) should be linked in a company. We define a coupling parameter and, using an equation for the discrete control loop, show that ISMS and ITSM should ideally be strongly coupled, and ISMS and BCMS should be weakly coupled.
2009 International Conference on Availability, Reliability and Security, 2009
If companies wish to safeguard their value chain, they should invest with the singular goal of se... more If companies wish to safeguard their value chain, they should invest with the singular goal of securing revenues by taking adequate risk countermeasures. However, the investment in the risk countermeasure must be reflected in the adequate safeguarding of the value chain. In other words, the investment in the safeguarding, e.g., implementation of an ISMS based on ISO/IEC 27001, must be comparable to the benefit of the value chain. As a direct analysis is difficult, a suitable alternative must be found. In this paper, we propose using Key Performance Indicators (KPI) as a suitable alternative that maintains the effectiveness and economic efficiency of an ISMS. However, the KPI of effectiveness and efficiency are contradictory and constitute a trade-off. In order to minimize turnover reduction, we propose using combinatorial optimization. Such optimization should weigh the benefit of a policy in terms of risk for each control against the cost of each control in terms of avoiding, mitigating or transferring the risk up to some predetermined investment limit.
The limits of traditional (static) policies are well-known in many areas of computer science and ... more The limits of traditional (static) policies are well-known in many areas of computer science and information security, and are extensively discussed in the literature. Although some flexibility has been achieved with the introduction of dynamic policies, these efforts have only addressed a fraction of the requirements necessary to secure today's enterprises. Currently, no feedback mechanisms are in place to evaluate the effectiveness or economic impacts of static or dynamic policy implementation. Here, we address the requirement for feedback and present a policy for the next generation. This is a policy that includes a dynamic feedback response to the effectiveness of changes. The structure of this new type of policy, called a "management system", is borrowed from discrete event system (DES) theory and functions as a control loop. A management system consists of four elements (control system, sensor, controller, and actuator) that are involved in a control law. Two typ...
A new model is presented for evaluating the perfor-mance of a Business Continuity Management Syst... more A new model is presented for evaluating the perfor-mance of a Business Continuity Management System according to BS 25999. Performance is based fundamentally on the system's Business Continuity Plans and Disaster Recovery Plans. Typi-cally, the performance of these plans is inadequately evaluated using a number of specific exercises at various intervals and, in many cases, with a variety of targets. Consequently, it is difficult for companies to give ex-ante statements of their survival in the case of a disaster. Two key performance indicators are presented that allow the performance of a Business Continuity Management System to be evaluated according to BS 25999. Using these key performance indicators, the probability of survival can be estimated before extreme events occur. However, the two key performance indica-tors compete and their use invokes a trade-off: an alignment in favor of one key performance indicator is necessarily done at the expense of the other. A key performa...
Uploads
Papers by Wolfgang Boehmer