Risk Management System Prototype based on an Extended Time-To-Compromise (TTC) Metric

Mantel, Alex

DC Field	Value	Language
dc.contributor.advisor	Kossakowski, Klaus-Peter	-
dc.contributor.author	Mantel, Alex
dc.date.accessioned	2020-09-29T14:46:25Z	-
dc.date.available	2020-09-29T14:46:25Z	-
dc.date.created	2018
dc.date.issued	2018-09-20
dc.identifier.uri	http://hdl.handle.net/20.500.12738/8451	-
dc.description.abstract	Goal of this work was the creation of a risk management system, with the use of β-Time-To- Compromise metric (Andrej Zieger (2018)) and an advisory datbase. During the process from requirements analysis till the end of the iplementation we aim to support a risk management process (Stoneburner u. a. (2002)). A system is rated by a persistent model, not as common by a impersistent vulnerabiliy scan. This work is relevant for security managers, risk managers and critical emergency response teams.	en
dc.description.abstract	Ziel dieser Arbeit war es ein Riskomanagementsystem zu entwickeln, welches sich der Metrik β-Time-To-Compromise (Andrej Zieger (2018)) und einer Advisory Datenbank bedient. Von der Auflistung der Anforderungen bis hin zur Implementation wurde ein Riskomanagement Prozess begleitet (Stoneburner u. a. (2002)). Ein System soll demnach für eine Bewertung persistent modelliert werden und nicht, wie es bisher üblich ist, aus flüchtigen Schwachstellenscans. Die Arbeit hat den Anspruch für Sicherheitsbeauftragte, Riskomanager und Critical Emergency Response Teams interessant zu sein.	de
dc.language.iso	en	en
dc.rights.uri	http://rightsstatements.org/vocab/InC/1.0/	-
dc.subject	IT-Sicherheit	de
dc.subject	Metriken	de
dc.subject	Time to Compromise	de
dc.subject	Modellierung	de
dc.subject	Risiko Management	de
dc.subject	Prototyp	de
dc.subject	Schwachstellenmanagement	de
dc.subject	CVE	de
dc.subject	CPE	de
dc.subject	IT-Security	en
dc.subject	Metrics	en
dc.subject	Time to Compromise	en
dc.subject	Asset Modeling	en
dc.subject	Risk Management	en
dc.subject	Prototype	en
dc.subject	Vulnerability Management	en
dc.subject	CVE	en
dc.subject	CPE	en
dc.subject.ddc	004 Informatik
dc.title	Risk Management System Prototype based on an Extended Time-To-Compromise (TTC) Metric	en
dc.type	Thesis
openaire.rights	info:eu-repo/semantics/openAccess
thesis.grantor.department	Department Informatik
thesis.grantor.place	Hamburg
thesis.grantor.universityOrInstitution	Hochschule für angewandte Wissenschaften Hamburg
tuhh.contributor.referee	Sarstedt, Stefan	-
tuhh.gvk.ppn	1031133402
tuhh.identifier.urn	urn:nbn:de:gbv:18302-reposit-84536	-
tuhh.note.extern	publ-mit-pod
tuhh.note.intern	1
tuhh.oai.show	true	en_US
tuhh.opus.id	4383
tuhh.publication.institute	Department Informatik
tuhh.type.opus	Bachelor Thesis	-
dc.subject.gnd	Modellierung
dc.subject.gnd	Prototyp
dc.subject.gnd	Risikomanagement
dc.type.casrai	Supervised Student Publication	-
dc.type.dini	bachelorThesis	-
dc.type.driver	bachelorThesis	-
dc.type.status	info:eu-repo/semantics/publishedVersion
dc.type.thesis	bachelorThesis
dcterms.DCMIType	Text	-
tuhh.dnb.status	domain	-
item.creatorGND	Mantel, Alex	-
item.fulltext	With Fulltext	-
item.creatorOrcid	Mantel, Alex	-
item.grantfulltext	open	-
item.cerifentitytype	Publications	-
item.advisorGND	Kossakowski, Klaus-Peter	-
item.languageiso639-1	en	-
item.openairecristype	http://purl.org/coar/resource_type/c_46ec	-
item.openairetype	Thesis	-
Appears in Collections:	Theses