CFP last date
17 June 2024
Reseach Article

An Integrated use of ISO27005, Mehari and Multi-Agents System in order to Design a Comprehensive Information Security Risk Management Tool

by Mohamed Ghazouani, Hicham Medromi, Adil Sayouti, Siham Benhadou
International Journal of Applied Information Systems
Foundation of Computer Science (FCS), NY, USA
Volume 7 - Number 2
Year of Publication: 2014
Authors: Mohamed Ghazouani, Hicham Medromi, Adil Sayouti, Siham Benhadou
10.5120/ijais14-451138

Mohamed Ghazouani, Hicham Medromi, Adil Sayouti, Siham Benhadou . An Integrated use of ISO27005, Mehari and Multi-Agents System in order to Design a Comprehensive Information Security Risk Management Tool. International Journal of Applied Information Systems. 7, 2 ( April 2014), 10-15. DOI=10.5120/ijais14-451138

@article{ 10.5120/ijais14-451138,
author = { Mohamed Ghazouani, Hicham Medromi, Adil Sayouti, Siham Benhadou },
title = { An Integrated use of ISO27005, Mehari and Multi-Agents System in order to Design a Comprehensive Information Security Risk Management Tool },
journal = { International Journal of Applied Information Systems },
issue_date = { April 2014 },
volume = { 7 },
number = { 2 },
month = { April },
year = { 2014 },
issn = { 2249-0868 },
pages = { 10-15 },
numpages = {9},
url = { https://www.ijais.org/archives/volume7/number2/619-1138/ },
doi = { 10.5120/ijais14-451138 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2023-07-05T18:54:37.400118+05:30
%A Mohamed Ghazouani
%A Hicham Medromi
%A Adil Sayouti
%A Siham Benhadou
%T An Integrated use of ISO27005, Mehari and Multi-Agents System in order to Design a Comprehensive Information Security Risk Management Tool
%J International Journal of Applied Information Systems
%@ 2249-0868
%V 7
%N 2
%P 10-15
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

While there are many framework which help users in Security Risk Assessment, the authors of this paper know of none which actually try to automate the process by using multi agent system. This article presents a multi-agent expert system, a web-based solution where users create autonomous agents to perform an information security assessment. Users specify parameters to guide and constrain an agent's overall behavior. The key element that differentiates this research from the previous ones is that none of them are based on multi-agents system.

References
  1. SAPA: Software Agents for Prevention and Auditing of Security Faults in Networked Systems. Information Networking. Convergence in Broadband and Mobile Networking. Lecture Notes in Computer Science Volume 3391, 2005, pp 80-88.
  2. Approach to Solving Security Problems Using Meta-Agents in Multi Agent System. Agent and Multi-Agent Systems: Technologies and Applications. Lecture Notes in Computer Science Volume 4953, 2008, pp 122-131.
  3. A Multi-agent System for Computer Network Security Monitoring. Agent and Multi-Agent Systems: Technologies and Applications. Lecture Notes in Computer Science Volume 4953, 2008, pp 842-849.
  4. Information technology—Security techniques— Information security risk management. INTERNATIONAL STANDARD ISO/IEC 27005 First edition 2008-06-15.
  5. Jake Kouns and Daniel MinoliInformation. 2010. ISBN:9780471762546 Technology Risk Management in Enterprise Environments: A Review of Industry Practices and a Practical Guide to Risk Management Teams.
  6. by Jake Kouns and Daniel Minoli 2010. ISBN:9780471762546. Information Technology Risk Management in Enterprise Environments: A Review of Industry Practices and a Practical Guide to Risk Management Teams
  7. Mark Ryan M. Talabis and Jason L. Martin 2013. ISBN:9781597497350. Information Security Risk Assessment Toolkit: Practical Assessments Through Data Collection and Data Analysis
  8. InTech, April 4, 2011. "Multi-Agent Systems - Modeling, Control, Programming, Simulations and Applications", ISBN 978-953-307-174-9
  9. Prentice Hall; 3 edition, 2009. Stuart J. Russell and Peter Norvig, "Artificial Intelligence: a Modern Approach".
  10. M. Wooldridge and N. R Jennings. Intelligent agents : Theory and practice. The Knowledge Engineering Review, 10(2) : 115-152, 1995.
  11. Roxanne E. Burkey and Charles V. Breakfield (eds. ) 2001. Designing a Total Data Solution: Technology, Implementation, and Deployment. ISBN:9780849308932
  12. Automating System Security Audits. ISACA Journal, volume 1, 2004.
  13. http://msdn. microsoft. com/en-us/library/ff648641. aspx Improving Web Application Security: Threats and Countermeasures. J. D. Meier, Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan. Microsoft Corporation.
  14. "Autonomous and Intelligent Mobile Systems based on Multi-Agent Systems" Auteurs: A. Sayouti and H. Medromi. Book Chapter in the book "Multi-Agent Systems - Modeling, Control, Programming, Simulations and Applications", ISBN 978-953-307-174-9, InTech, April 4, 2011.
Index Terms

Computer Science
Information Sciences

Keywords

ISO27001 ISO27005 MEHARI Multi-agent system (MAS).