  • DocumentCode
    667164
  • Title
    A Graph-Based Approach for Managing Enterprise Information System Security
  • Author
    Sengupta, Aparajita ; Manna, Antonio ; Mazumdar, C.
  • Author_Institution
    Centre for Distrib. Comput., Jadavpur Univ., Kolkata, India
  • fYear
    2013
  • fDate
    15-16 Nov. 2013
  • Firstpage
    137
  • Lastpage
    143
  • Abstract
    An enterprise information system consists of assets and their inter-relationships. These inter-relationships are manifested in the connection of hardware assets in network architecture, or in the installation of software and information assets in hardware. Security policies are used to specify and control access to enterprise assets. Inter-relationships of assets, along with improper specification of policies, can lead to managerial vulnerabilities in the enterprise information system. Threats may exploit these vulnerabilities to breach the security of sensitive assets. This paper discusses a graph-based methodology for the specification of Enterprise Information Systems. The methodology captures enterprise information security requirements, helps specify security policies, and detects managerial vulnerabilities in enterprise information systems.
  • Keywords
    business data processing; formal specification; graph theory; management information systems; security of data; access specification; control specification; enterprise information system security management; graph-based approach; hardware assets; information assets; managerial vulnerability detection; network architecture; security policies; security policy specification; sensitive asset security breach; software installation; Access control; Hardware; Information systems; Operating systems; Permission; Access control graph; Enterprise information system graph; Enterprise security modeling; Managerial vulnerability; Security policy;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Cloud & Ubiquitous Computing & Emerging Technologies (CUBE), 2013 International Conference on
  • Conference_Location
    Pune
  • Print_ISBN
    978-1-4799-2234-5
  • Type
    conf
  • DOI
    10.1109/CUBE.2013.33
  • Filename
    6701492