TITLE:
On Development of Platform for Organization Security Threat Analytics and Management (POSTAM) Using Rule-Based Approach
AUTHORS:
Joseph E. Mbowe, Simon S. Msanjila, George S. Oreku, Khamisi Kalegele
KEYWORDS:
Security Threats Analytic, Threat Visualization, Security Management, Automated Security Policies
JOURNAL NAME:
Journal of Software Engineering and Applications,
Vol.9 No.12,
December
30,
2016
ABSTRACT: The integration of organisation’s
information security policy into threat modeling enhances effectiveness of
security strategies for information security management. These security
policies are the ones which define the sets of security issues, controls and
organisation’s commitment for seamless integration with knowledge based
platforms in order to protect critical assets and data. Such platforms are
needed to evaluate and share violations which can create security loop-hole.
The lack of rules-based approaches for discovering potential threats at
organisation’s context, poses a challenge for many organisations in
safeguarding their critical assets. To address the challenge, this paper
introduces a Platform for Organisation Security Threat Analytic and Management
(POSTAM) using rule-based approach. The platform enhances strategies for
combating information security threats and thus improves organisations’
commitment in protecting their critical assets. R scripting language for data
visualization and java-based scripts were used to develop a prototype to run on
web protocol. MySQL database management system was used as back-end for data
storage during threat analytic processes.