The Open UniversitySkip to content

A knowledge framework for information security modelling

Liu, Shuangyan; Cheung, Ching-hang and Kwok, Lam-for (2006). A knowledge framework for information security modelling. In: 4th Australian Information Security Management Conference, 05 Dec 2006, Perth, Australia, School of Computer and Information Science, Edith Cowan University, Perth, Western Australia.

Google Scholar: Look up in Google Scholar


The data collection process for risk assessment highly depends on the security experience of security staffs of an organization. It is difficult to have the right information security staff, who understands both the security requirements and the current security state of an organization and at the same time possesses the skill to perform risk assessment. However, a well defined knowledge model could help to describe categories of knowledge required to guide the data collection process. In this paper, a knowledge framework is introduced, which includes a knowledge model to define the data skeleton of the risk environment of an organization and security patterns about relationships between threat, entity and countermeasures; and a data integration mechanism for integrating distributed security related data into a security data repository that is specific to an organization for information security modelling.

Item Type: Conference or Workshop Item
Copyright Holders: 2006 The Authors
Keywords: risk analysis; information security management; knowledge representation; data integration
Academic Unit/School: Faculty of Science, Technology, Engineering and Mathematics (STEM) > Knowledge Media Institute (KMi)
Faculty of Science, Technology, Engineering and Mathematics (STEM)
Item ID: 42147
Depositing User: Shuangyan Liu
Date Deposited: 10 Mar 2015 11:33
Last Modified: 07 Dec 2018 10:29
Share this page:

Actions (login may be required)

Policies | Disclaimer

© The Open University   contact the OU