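% PhD thesis record: Tanja Hanauer, 2021, Universität der Bundeswehr München.
% Subject: Vis4Sec, a visualization process framework for IT security
% management and operations; the abstract also covers a vulnerability
% management approach that reports only verified and actionable findings.
%
% Review notes:
% - The source record had an empty citation key, so the entry could not be
%   cited. The key below is constructed as lastname + year + first title
%   word; rename it if the bibliography uses another key scheme.
% - Fields that were present but empty (editor, booktitle, series, journal,
%   address, publisher, edition, isbn, volume, number, pages, url, doi,
%   note) are dropped. No DOI or URL was given in the source record; add a
%   persistent identifier from the publishing repository rather than guessing.
% - Line-break hyphenation left over from text extraction is repaired in
%   the abstract; the wording is otherwise the author's own.
% - The acronym IT is brace-protected in the title so that sentence-casing
%   styles do not lowercase it.
% - The file contains non-ASCII characters (school name, apostrophe in the
%   abstract): process it as UTF-8 with a Unicode-aware backend, or convert
%   these to LaTeX escapes for classic 8-bit BibTeX.
@phdthesis{hanauer2021visualization,
  author   = {Hanauer, Tanja},
  title    = {Visualization-based Enhancement of {IT} Security Management and Operations},
  school   = {Universität der Bundeswehr München},
  year     = {2021},
  keywords = {IT Security, Process Framework, Information Security Management, Vulnerability Management, Security Visualization, Data Management},
  abstract = {This work introduces a process framework for security visualization that supports the generation of an overview and the manageability of an organization’s IT, its processes, selected security-specific tasks, and the data they rely on. It also supports the generation of knowledge for various stakeholders along with organizational knowledge generation through knowledge transfer amongst stakeholders, and the transformation from individual into organizational knowledge. In general, it is expected that applying the Framework enhances the security of the organization. The Framework is built on the basis of IT management, IT security, data, and visualization and research about stakeholder groups, existing visualization frameworks, data sources, and occurring security visualizations. The foundation and the existing research do not only provide the basis for the Framework but they also have shown the need to develop something new. Two scenarios are analyzed to define requirements for the new solution. The deficits are presented in detail and from them specific requirements are derived. These requirements are then categorized into Functional, Nonfunctional, Security, and Quality Requirements, and then generalized to 15 generic and transferable ones. On this basis the Framework Integrated Visualization Process Framework for IT Security (Vis4Sec) is designed, described, and put into practice aiming to fine-tune and improve security.
Vis4Sec consists of a Visualization Process with an Initiation, the phases Ask, Manage Data, Visualize, Interact, and Iterations, and a Data Management Process with the phases Define Data, Acquire Data, Analyze Data, Ensure Data Quality, and Dispose or Reuse Data. Each of the process phases is described in detail, its objectives are stated along with the methodical approach and the methods in detail. Vis4Sec is designed to provide detailed instructions, to make the current status of the environment visible, and to demand participation from its stakeholders. Afterwards, the Framework is put into practice. One proof of concept for IT Operations with the use cases Linux Configuration Item Database, Server Provisioning and Disposal, and Server Monitoring exists and one for the scenario IT Security Management with its use cases Log Management, Patch Management, and Vulnerability Management. Besides, a brief process description and an Implementation Guideline is provided in the Appendix in order to support the quick adaption of the Process Framework. In addition, a new approach on vulnerability management is depicted. Only verified and actionable vulnerabilities are reported; a tool allowing this is designed, implemented, and has been put into practice for over more than two years. It shows promising results for initiating vulnerability management in an organization with an active participation from its stakeholders.},
}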