| dc.contributor.author | Calvo, Miguel | |
| dc.contributor.author | Beltrán, Marta | |
| dc.date.accessioned | 2023-09-20T08:24:08Z | |
| dc.date.available | 2023-09-20T08:24:08Z | |
| dc.date.issued | 2022 | |
| dc.identifier.citation | Miguel Calvo, Marta Beltrán, A Model For risk-Based adaptive security controls, Computers & Security, Volume 115, 2022, 102612, ISSN 0167-4048, https://doi.org/10.1016/j.cose.2022.102612. (https://www.sciencedirect.com/science/article/pii/S0167404822000116) | es |
| dc.identifier.issn | 0167-4048 | |
| dc.identifier.uri | https://hdl.handle.net/10115/24403 | |
| dc.description | This research has been supported by the Madrid region (EdgeData, Grant Ref. P2018/TCS-4499) and by a research contract with Rated Power (art.83 M2186). Miguel Calvo is supported by grants from the Rey Juan Carlos University (ref. C-PREDOC21-007). | es |
| dc.description.abstract | Security controls and countermeasures have shifted from static desktop-based and corporate network environments to heterogeneous, distributed and dynamic environments (e.g., cloud and mobile computing
or Internet of Things). Due to this paradigm shift, adaptive and risk-based approaches have gained significant importance. These approaches allow security managers to perform context-aware decision making,
adapting controls’ deployment, configuration or use to every specific situation, depending on the current value of risk indicators or scores and on the level of risk tolerated by the organisation at any given
time. This paper proposes a model to automatically adapt security controls to different risk scenarios in
almost real-time (if required). This model is based on a three-layer architecture and a three-step flow
(measurement-decision-adaptation), relying on a scalable policies&rules framework capable of integrating with different kinds of controls. Furthermore, the proposed model is validated and evaluated with an
actual use case. | es |
| dc.language.iso | spa | es |
| dc.publisher | Elsevier | es |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Internacional | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/ | * |
| dc.subject | Adaptive security | es |
| dc.subject | Context-aware decision making | es |
| dc.subject | Dynamic security controls | es |
| dc.subject | MAPE Loop | es |
| dc.subject | Risk-based security | es |
| dc.title | A Model For risk-Based adaptive security controls | es |
| dc.type | info:eu-repo/semantics/article | es |
| dc.identifier.doi | 10.1016/j.cose.2022.102612 | es |
| dc.rights.accessRights | info:eu-repo/semantics/openAccess | es |
Solange nicht anders angezeigt, wird die Lizenz wie folgt beschrieben: Attribution-NonCommercial-NoDerivatives 4.0 Internacional