Security risk visualization with semantic risk model

Outi-Marja Latvala (Corresponding Author), Jyri Toivonen, Antti Evesti, Markus Sihvonen, Vesa Jordan

    Research output: Contribution to journalArticleScientificpeer-review

    2 Citations (Scopus)

    Abstract

    Understanding and analysing security risks is an essential task when designing and maintaining a systems' security. The first risk analysis should be performed during the system design. Identified risks have to be updated during the lifecycle when security controls are implemented or new threats appear. Visualization facilitates the risk analysis process, but visualizing the huge amount of risks with diverse causalities is challenging. This paper concentrates on risk visualization and related challenges. The paper presents a semantic model for risk visualization and structuring implemented into the Metric Visualization System (MVS). The proposed model and tool support make risk visualization consistent and ensures that it includes mutual connections of risks. The contribution helps designers to analyse risks and to select security controls in a justified manner.
    Original languageEnglish
    Pages (from-to)1194-1199
    JournalProcedia Computer Science
    Volume83
    DOIs
    Publication statusPublished - 2016
    MoE publication typeA1 Journal article-refereed
    Event7th International Conference on Ambient Systems, Networks and Technologies, ANT 2016 - Madrid, Spain
    Duration: 23 May 201626 May 2016

    Fingerprint

    Visualization
    Semantics
    Risk analysis
    Security systems
    Systems analysis

    Keywords

    • security metric
    • visualization
    • risk management

    Cite this

    Latvala, Outi-Marja ; Toivonen, Jyri ; Evesti, Antti ; Sihvonen, Markus ; Jordan, Vesa. / Security risk visualization with semantic risk model. In: Procedia Computer Science. 2016 ; Vol. 83. pp. 1194-1199.
    @article{7851467680fc4a038e0ef7d6fb2e2e69,
    title = "Security risk visualization with semantic risk model",
    abstract = "Understanding and analysing security risks is an essential task when designing and maintaining a systems' security. The first risk analysis should be performed during the system design. Identified risks have to be updated during the lifecycle when security controls are implemented or new threats appear. Visualization facilitates the risk analysis process, but visualizing the huge amount of risks with diverse causalities is challenging. This paper concentrates on risk visualization and related challenges. The paper presents a semantic model for risk visualization and structuring implemented into the Metric Visualization System (MVS). The proposed model and tool support make risk visualization consistent and ensures that it includes mutual connections of risks. The contribution helps designers to analyse risks and to select security controls in a justified manner.",
    keywords = "security metric, visualization, risk management",
    author = "Outi-Marja Latvala and Jyri Toivonen and Antti Evesti and Markus Sihvonen and Vesa Jordan",
    year = "2016",
    doi = "10.1016/j.procs.2016.04.247",
    language = "English",
    volume = "83",
    pages = "1194--1199",
    journal = "Procedia Computer Science",
    issn = "1877-0509",
    publisher = "Elsevier",

    }

    Security risk visualization with semantic risk model. / Latvala, Outi-Marja (Corresponding Author); Toivonen, Jyri; Evesti, Antti; Sihvonen, Markus; Jordan, Vesa.

    In: Procedia Computer Science, Vol. 83, 2016, p. 1194-1199.

    Research output: Contribution to journalArticleScientificpeer-review

    TY - JOUR

    T1 - Security risk visualization with semantic risk model

    AU - Latvala, Outi-Marja

    AU - Toivonen, Jyri

    AU - Evesti, Antti

    AU - Sihvonen, Markus

    AU - Jordan, Vesa

    PY - 2016

    Y1 - 2016

    N2 - Understanding and analysing security risks is an essential task when designing and maintaining a systems' security. The first risk analysis should be performed during the system design. Identified risks have to be updated during the lifecycle when security controls are implemented or new threats appear. Visualization facilitates the risk analysis process, but visualizing the huge amount of risks with diverse causalities is challenging. This paper concentrates on risk visualization and related challenges. The paper presents a semantic model for risk visualization and structuring implemented into the Metric Visualization System (MVS). The proposed model and tool support make risk visualization consistent and ensures that it includes mutual connections of risks. The contribution helps designers to analyse risks and to select security controls in a justified manner.

    AB - Understanding and analysing security risks is an essential task when designing and maintaining a systems' security. The first risk analysis should be performed during the system design. Identified risks have to be updated during the lifecycle when security controls are implemented or new threats appear. Visualization facilitates the risk analysis process, but visualizing the huge amount of risks with diverse causalities is challenging. This paper concentrates on risk visualization and related challenges. The paper presents a semantic model for risk visualization and structuring implemented into the Metric Visualization System (MVS). The proposed model and tool support make risk visualization consistent and ensures that it includes mutual connections of risks. The contribution helps designers to analyse risks and to select security controls in a justified manner.

    KW - security metric

    KW - visualization

    KW - risk management

    U2 - 10.1016/j.procs.2016.04.247

    DO - 10.1016/j.procs.2016.04.247

    M3 - Article

    VL - 83

    SP - 1194

    EP - 1199

    JO - Procedia Computer Science

    JF - Procedia Computer Science

    SN - 1877-0509

    ER -