Information modeling for automated risk analysis

被引：0

作者：

Chivers, Howard ^{[1
]}

机构：

[1] Cranfield Univ, Dept Informat Syst, Def Acad United Kingdom, Swindon SN6 8LA, Wilts, England

来源：

COMMUNICATIONS AND MULTIMEDIA SECURITY, PROCEEDINGS | 2006年 / 4237卷

关键词：

security; risk; model; information; threat; service-oriented; communication;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Systematic security risk analysis requires an information model which integrates the system design, the security environment (the attackers, security goals etc) and proposed security requirements. Such a model must be scalable to accommodate large systems, and support the efficient discovery of threat paths and the production of risk-based metrics; the modeling approach must balance complexity, scalability and expressiveness. This paper describes such a model; novel features include combining formal information modeling with informal requirements traceability to support the specification of security requirements on incompletely specified services, and the typing of information flow to quantify path exploitability and model communications security.

引用

页码：228 / 239

页数：12

共 50 条

[1] Risk information management resource (RIMR) modeling an approach to defending against military medical information assurance brain drain
Wright, WE
MEDICAL IMAGING 2003: PACS AND INTEGRATED MEDICAL INFORMATION SYSTEMS: DESIGN AND EVALUATION, 2003, 5033 : 195 - 203
[2] INFORMATION AND RISK MODELS
Roudny, Radim
CRISIS MANAGEMENT AND SOLUTION OF THE CRISIS SITUATIONS 2015, 2015, : 276 - 282
[3] Towards automated risk assessments for modular manufacturing systems Process analysis and information model proposal
Ehrlich, Marco
Broering, Andre
Diedrich, Christian
Jasperneite, Juergen
AT-AUTOMATISIERUNGSTECHNIK, 2023, 71 (06) : 453 - 466
[4] A Dependency analysis for Information Security and Risk Management
Krishna, B. Chaitanya
Subrahmanyam, Kodukula
Kim, Tai-hoon
INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2015, 9 (08): : 205 - 210
[5] Automated Risk Analysis for IoT Systems
Rak, Massimiliano
Casola, Valentina
De Benedictis, Alessandra
Villano, Umberto
ADVANCES ON P2P, PARALLEL, GRID, CLOUD AND INTERNET COMPUTING, 3PGCIC-2018, 2019, 24 : 265 - 275
[6] Proposed model of the relationship of risk information seeking and processing to the development of preventive behaviors
Griffin, RJ
Dunwoody, S
Neuwirth, K
ENVIRONMENTAL RESEARCH, 1999, 80 (02) : S230 - S245
[7] Insider Threat Modeling: An Adversarial Risk Analysis Approach
Joshi, Chaitanya
Aliaga, Jesus Rios
Insua, David Rios
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2021, 16 : 1131 - 1142
[8] Automated content analysis and crisis communication research
van der Meer, Toni G. L. A.
PUBLIC RELATIONS REVIEW, 2016, 42 (05) : 952 - 961
[9] Extracting Risk Modeling Information from Medical Articles
Deleris, Lea A.
Sacaleanu, Bogdan
Tounsi, Lamia
MEDINFO 2013: PROCEEDINGS OF THE 14TH WORLD CONGRESS ON MEDICAL AND HEALTH INFORMATICS, PTS 1 AND 2, 2013, 192 : 1158 - 1158
[10] Modeling the Risk & Utility of Information Sharing in Social Networks
Fouad, Mohamed R.
Elbassioni, Khaled
Bertino, Elisa
PROCEEDINGS OF 2012 ASE/IEEE INTERNATIONAL CONFERENCE ON PRIVACY, SECURITY, RISK AND TRUST AND 2012 ASE/IEEE INTERNATIONAL CONFERENCE ON SOCIAL COMPUTING (SOCIALCOM/PASSAT 2012), 2012, : 441 - 450

← 1 2 3 4 5 →