A comparative analysis of incident reporting formats
| Autor: | Günther Pernul, Florian Menges |
|---|---|
| Rok vydání: | 2018 |
| Předmět: |
021110 strategic
defence & security studies General Computer Science business.industry Computer science Process (engineering) Information sharing 0211 other engineering and technologies Information technology 02 engineering and technology Computer security computer.software_genre Data science 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing Use case business Law computer Strengths and weaknesses |
| Zdroj: | Computers & Security. 73:87-101 |
| ISSN: | 0167-4048 |
| DOI: | 10.1016/j.cose.2017.10.009 |
| Popis: | Over the past few years, the number of attacks against IT systems and the resulting incidents has steadily increased. To protect against these attacks, joint approaches, which include the sharing of incident information, are increasingly gaining in importance. Several incident reporting formats build the basis for information sharing. However, it is often not clear how to design the underlying processes and which formats would fit the specific use cases. To close this gap, we have introduced an incident reporting process model and the generic model UPSIDE for basic incident reporting requirements. Subsequently, we have identified state-of-the-art incident reporting formats and used the introduced models to conduct a comparative analysis of these formats. This analysis shows the strengths and weaknesses of the evaluated formats and identifies the use cases for which they are suitable. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|
Full Text from ScienceDirect