Managing access to resources is one of the security mechanisms used for protecting the organization's assets from unauthorized usage, and thus potential data leaks. Thus, keeping access control policies up to date is a crucial task for any organization. However, the access control policy update process usually requires direct interaction of security specialists, which have knowledge and experience in counteracting abuse of privileges. Therefore, in this paper, we consider access control policies update using collaborative knowledge in the latest cyber activities. We describe the correlation between security policies and security reports using ontology for cybersecurity. Finally, we present a framework that enables access control policies update within the Cloud infrastructure offered by Amazon using Cyber Threat Intelligence.
Towards collaborative cyber threat intelligence for security management
Osliak O;Saracino A;Martinelli F;
2021
Abstract
Managing access to resources is one of the security mechanisms used for protecting the organization's assets from unauthorized usage, and thus potential data leaks. Thus, keeping access control policies up to date is a crucial task for any organization. However, the access control policy update process usually requires direct interaction of security specialists, which have knowledge and experience in counteracting abuse of privileges. Therefore, in this paper, we consider access control policies update using collaborative knowledge in the latest cyber activities. We describe the correlation between security policies and security reports using ontology for cybersecurity. Finally, we present a framework that enables access control policies update within the Cloud infrastructure offered by Amazon using Cyber Threat Intelligence.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.