LAUNDERS, Ivan and POLOVINA, Simon (2013). Security policy reasoning with the automated transaction graph for financial crime. In: AKHGAR, Babak and YATES, Simeon, (eds.) Strategic intelligence management. Butterworth-Heinemann, 150-166.Full text not available from this repository.
Fraudulent transactions fuel the criminal misuse of identity details and pose a serious threat to national security. This issue is heightened by the growing sophistication of business transactions using payment cards, causing its policing to be increasingly difficult. Both public and private sector organizations are required by law to comply with industry standards for information technology security and these standards normally mandate the creation of security policies and audit trails for these enterprises, especially from key systems holding sensitive information. Enterprise architects have traditionally defined security policy and relied upon technical controls to secure enterprise systems against cyber threats and misuse. However, within ever-more complex transactional information systems it is difficult to achieve compliance and analyze security policy rules without the ability to capture and model the complexity of security at a business level. Using a simple financial trading case study as an illustration, we propose a semantic approach to security policy reasoning using conceptual graphs. This approach provides ontology that enables enterprise architects to capture the semantics of fraudulent transactions through security policy rules.
|Item Type:||Book Section|
|Research Institute, Centre or Group:||Cultural Communication and Computing Research Institute > Communication and Computing Research Centre|
|Depositing User:||Helen Garner|
|Date Deposited:||22 Apr 2013 12:33|
|Last Modified:||23 Apr 2013 20:39|
Actions (login required)
Downloads per month over past year