Visible to the public Biblio

Filters: Author is Hommel, Wolfgang  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
P
Hanauer, Tanja, Hommel, Wolfgang, Metzger, Stefan, Pöhn, Daniela.  2018.  A Process Framework for Stakeholder-Specific Visualization of Security Metrics. Proceedings of the 13th International Conference on Availability, Reliability and Security. :28:1-28:10.

Awareness and knowledge management are key components to achieve a high level of information security in organizations. However, practical evidence suggests that there are significant discrepancies between the typical elements of security awareness campaigns, the decisions made and goals set by top-level management, and routine operations carried out by systems administration personnel. This paper presents Vis4Sec, a process framework for the generation and distribution of stakeholder-specific visualizations of security metrics, which assists in closing the gap between theoretical and practical information security by respecting the different points of view of the involved security report audiences. An implementation for patch management on Linux servers, deployed at a large data center, is used as a running example.

M
Steinke, Michael, Adam, Iris, Hommel, Wolfgang.  2018.  Multi-Tenancy-Capable Correlation of Security Events in 5G Networks. 2018 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN). :1–6.
The concept of network slicing in 5G mobile networks introduces new challenges for security management: Given the combination of Infrastructure-as-a-Service cloud providers, mobile network operators as Software-as-a-Service providers, and the various verticals as customers, multi-layer and multi-tenancy-capable management architectures are required. This paper addresses the challenges for correlation of security events in such 5G scenarios with a focus on event processing at telecommunication service providers. After an analysis of the specific demand for network-slice-centric security event correlation in 5G networks, ongoing standardization efforts, and related research, we propose a multi-tenancy-capable event correlation architecture along with a scalable information model. The event processing, alerting, and correlation workflow is discussed and has been implemented in a network and security management system prototype, leading to a demonstration of first results acquired in a lab setup.