Information modeling for automated risk analysis

被引:0
作者
Chivers, Howard [1 ]
机构
[1] Cranfield Univ, Dept Informat Syst, Def Acad United Kingdom, Swindon SN6 8LA, Wilts, England
来源
COMMUNICATIONS AND MULTIMEDIA SECURITY, PROCEEDINGS | 2006年 / 4237卷
关键词
security; risk; model; information; threat; service-oriented; communication;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Systematic security risk analysis requires an information model which integrates the system design, the security environment (the attackers, security goals etc) and proposed security requirements. Such a model must be scalable to accommodate large systems, and support the efficient discovery of threat paths and the production of risk-based metrics; the modeling approach must balance complexity, scalability and expressiveness. This paper describes such a model; novel features include combining formal information modeling with informal requirements traceability to support the specification of security requirements on incompletely specified services, and the typing of information flow to quantify path exploitability and model communications security.
引用
收藏
页码:228 / 239
页数:12
相关论文
共 50 条
  • [31] Risk perception, affect, and information avoidance during the 2016 US Presidential election
    Moon, Won-Ki
    Kahlor, Lee Ann
    Yang, Janet Zheng
    Lim, Hayoung Sally
    JOURNAL OF RISK RESEARCH, 2022, 25 (07) : 860 - 873
  • [32] Modeling and analysis of simultaneous information and energy transfer in Internet of Things
    Liu, Chang
    Natarajan, Balasubramaniam
    TRANSACTIONS ON EMERGING TELECOMMUNICATIONS TECHNOLOGIES, 2017, 28 (11):
  • [33] Data–information–knowledge hierarchy based decision support system for risk based inspection analysis
    Singh M.
    Hetlevik S.
    International Journal of System Assurance Engineering and Management, 2017, 8 (Suppl 2) : 1588 - 1595
  • [34] Reflections on Three Decades of Building Information Modeling
    Turk, Ziga
    BUILDINGS, 2025, 15 (02)
  • [35] Study on sensitive information leakage vulnerability modeling
    Kim, Sung-Hwan
    Kim, Nam-Uk
    Chung, Tai-Myoung
    KYBERNETES, 2015, 44 (01) : 77 - 88
  • [36] Modeling the formation of the public's information needs in the early stage of the COVID-19 outbreak
    Lu, Hongru
    Xie, Juan
    Cheng, Ying
    Chen, Ya
    ASLIB JOURNAL OF INFORMATION MANAGEMENT, 2023, 75 (05) : 961 - 984
  • [37] On the risk prediction and analysis of soft information in finance reports
    Tsai, Ming-Feng
    Wang, Chuan-Ju
    EUROPEAN JOURNAL OF OPERATIONAL RESEARCH, 2017, 257 (01) : 243 - 250
  • [38] A Business Aware Information Security Risk Analysis Method
    Sadok, M.
    Spagnoletti, P.
    INFORMATION TECHNOLOGY AND INNOVATION TRENDS IN ORGANIZATIONS, 2011, : 453 - 460
  • [39] Double way of the anesthetic risk information
    Graftieaux, J. -P.
    ANNALES FRANCAISES D ANESTHESIE ET DE REANIMATION, 2009, 28 (09): : 813 - 814
  • [40] Toward Business Integrity Modeling and Analysis Framework for Risk Measurement and Analysis
    Chang, Victor
    Valverde, Raul
    Ramachandran, Muthu
    Li, Chung-Sheng
    APPLIED SCIENCES-BASEL, 2020, 10 (09):
12345