Fulltext available Open Access
License: 
Title: Risk Management System Prototype based on an Extended Time-To-Compromise (TTC) Metric
Language: English
Authors: Mantel, Alex 
Keywords: IT-Sicherheit; Metriken; Time to Compromise; Modellierung; Risiko Management; Prototyp; Schwachstellenmanagement; CVE; CPE; IT-Security; Metrics; Time to Compromise; Asset Modeling; Risk Management; Prototype; Vulnerability Management; CVE; CPE
Issue Date: 20-Sep-2018
Abstract: 
Goal of this work was the creation of a risk management system, with the use of β-Time-To- Compromise metric (Andrej Zieger (2018)) and an advisory datbase. During the process from requirements analysis till the end of the iplementation we aim to support a risk management process (Stoneburner u. a. (2002)). A system is rated by a persistent model, not as common by a impersistent vulnerabiliy scan. This work is relevant for security managers, risk managers and critical emergency response teams.

Ziel dieser Arbeit war es ein Riskomanagementsystem zu entwickeln, welches sich der Metrik β-Time-To-Compromise (Andrej Zieger (2018)) und einer Advisory Datenbank bedient. Von der Auflistung der Anforderungen bis hin zur Implementation wurde ein Riskomanagement Prozess begleitet (Stoneburner u. a. (2002)). Ein System soll demnach für eine Bewertung persistent modelliert werden und nicht, wie es bisher üblich ist, aus flüchtigen Schwachstellenscans. Die Arbeit hat den Anspruch für Sicherheitsbeauftragte, Riskomanager und Critical Emergency Response Teams interessant zu sein.
URI: http://hdl.handle.net/20.500.12738/8451
Institute: Department Informatik 
Type: Thesis
Thesis type: Bachelor Thesis
Advisor: Kossakowski, Klaus-Peter  
Referee: Sarstedt, Stefan 
Appears in Collections:Theses

Files in This Item:
File Description SizeFormat
alex_mantel_2018.pdf1.18 MBAdobe PDFView/Open
Show full item record

Page view(s)

159
checked on Dec 26, 2024

Download(s)

177
checked on Dec 26, 2024

Google ScholarTM

Check

HAW Katalog

Check

Note about this record


Items in REPOSIT are protected by copyright, with all rights reserved, unless otherwise indicated.