Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ Norwegian Open Resea...arrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
Norwegian Open Research Archives
Bachelor thesis . 2018
Data sources: Norwegian Open Research Archives
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
NTNU Open
Bachelor thesis . 2018
Data sources: NTNU Open
 View all 2 versions
Claim

En case-studie på bruk av rotårsaksanalyse innen informasjonssikkerhet

descriptionPublicationkeyboard_double_arrow_right Bachelor thesis 01 Jan 2018 Norway Norwegian
Authors: Huse, Thomas Havnegjerde; Nyblom, Philip Brugmans; Søgnen, Ole Martin; Theien, Fredrik Løvaas;

handle: 11250/2562050

En case-studie på bruk av rotårsaksanalyse innen informasjonssikkerhet

Abstract

Vanlig tilnærming til informasjonssikkerhetsstyring er gjennom risikostyring og hendelseshåndtering. Rotårsaksanalyse (RCA) skiller seg fra disse ved å gå i dybden på problemet og fjerne det ved rota. Siden denne tilnærmingen er lite brukt i informasjonssikkerhet, er en av våre problemstillinger å utrede hvor godt det fungerer. Tilnærmingen til dette var gjennom tre caser som omhandler ulike aspekter ved informasjonssikkerhet. Disse var å undersøke rotårsaken til: ulovlig fildeling ved NTNU, kompromitterte kontoer ved NTNU og misbruk av NTNU sine ressurser til utvinning av kryptovaluta. RCA består av forskjellige metoder og tilnærminger, men denne rapporten tar utgangspunkt i boken “Root Cause Analysis: Simplified Tools and Techniques” [1]. Resultatene fra første case viser at det er i stor grad tilgjengeligheten på tjenester som har noe å si for hvorfor de laster ned. I caset om kompromitterte kontoer viser vår undersøkelse at det er en kombinasjon av dårlig opplæring og utilstrekkelig tilgangskontroll som er rotårsakene. Grunnen til at folk velger å misbruke NTNU sine ressurser til kryptoutvinning kan tilskrives uklarheter i IT-reglement, samt lav prioritering fra Seksjon for Digital Sikkerhet. Etter utføringen av de tre casene ble det konkludert med at metodikken fungerer bra, men at noen verktøy fungerer bedre enn andre. Rapporten inkluderer derfor også en veileder for bruk av RCA innen informasjonssikkerhet – skrevet på bakgrunn av erfaringer fra dette bachelorprosjektet.

Common approach for information security management is either risk management or incident response. Root cause analysis (RCA) differs from these by identifying root causes and removing them. Since the approach is not often used in information security, one of our topics is to determine how well this approach works. To accomplish this, we looked at three cases tackling various aspects of information security. The cases were as following: illegal filesharing at NTNU, compromised accounts at NTNU and misuse of NTNU’s resources to mine cryptocurrency. RCA is a collection of various methodologies and tools, however this report follows the methodology and tools presented in “Root Cause Analysis: Simplified Tools and Techniques” [1]. The results from the first case shows that it is largely the lack of availability that is the main reason for why students choose to download. In the case about compromised accounts we discovered that poor training and insufficient access control were the main causes. The reasons for why people chose to abuse NTNU’s resources for cryptomining can be attributed to the ambiguities in the IT Policy of NTNU, as well as low priority from the Digital Security Section. Following the completion of the three cases, it was concluded that the methodology works well, but some tools works better than others. Therefore, the report also includes a guideline for using RCA in information security - written based on our experiences from this bachelor project.

Country
Norway
Related Organizations
Keywords

VDP::Mathematics and natural science: 400::Information and communication science: 420::Security and vulnerability: 424, rotårsaksanalyse, informasjonssikkerhet

  • BIP!
    Impact byBIP!
    selected citations
    These citations are derived from selected sources.
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 0
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
Powered by OpenAIRE graph
Found an issue? Give us feedback
selected citations
These citations are derived from selected sources.
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
0
Average
Average
Average
Green