Information modeling for automated risk analysis

被引:0
作者
Chivers, Howard [1 ]
机构
[1] Cranfield Univ, Dept Informat Syst, Def Acad United Kingdom, Swindon SN6 8LA, Wilts, England
来源
COMMUNICATIONS AND MULTIMEDIA SECURITY, PROCEEDINGS | 2006年 / 4237卷
关键词
security; risk; model; information; threat; service-oriented; communication;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Systematic security risk analysis requires an information model which integrates the system design, the security environment (the attackers, security goals etc) and proposed security requirements. Such a model must be scalable to accommodate large systems, and support the efficient discovery of threat paths and the production of risk-based metrics; the modeling approach must balance complexity, scalability and expressiveness. This paper describes such a model; novel features include combining formal information modeling with informal requirements traceability to support the specification of security requirements on incompletely specified services, and the typing of information flow to quantify path exploitability and model communications security.
引用
收藏
页码:228 / 239
页数:12
相关论文
共 50 条
  • [41] Data Protection Risk Modeling into Business Process Analysis
    Goncalves, Antonio
    Correia, Anacleto
    Cavique, Luis
    COMPUTATIONAL SCIENCE AND ITS APPLICATIONS - ICCSA 2017, PT I, 2017, 10404 : 667 - 676
  • [42] Approximate Uncertainty Modeling in Risk Analysis with Vine Copulas
    Bedford, Tim
    Daneshkhah, Alireza
    Wilson, Kevin J.
    RISK ANALYSIS, 2016, 36 (04) : 792 - 815
  • [43] Fuzzy modeling of system behavior for risk and reliability analysis
    Sharma, Rajiv Kumar
    Kumar, Dinesh
    Kumar, Pradeep
    INTERNATIONAL JOURNAL OF SYSTEMS SCIENCE, 2008, 39 (06) : 563 - 581
  • [44] Fuzzy Logic and Its Application in the Assessment of Information Security Risk of Industrial Internet of Things
    Kerimkhulle, Seyit
    Dildebayeva, Zhulduz
    Tokhmetov, Akylbek
    Amirova, Akzhibek
    Tussupov, Jamalbek
    Makhazhanova, Ulzhan
    Adalbek, Alibek
    Taberkhan, Roman
    Zakirova, Alma
    Salykbayeva, Alua
    SYMMETRY-BASEL, 2023, 15 (10):
  • [45] Consistent and conflicting information in floods and bushfires impact risk information seeking, risk perceptions, and protective action intentions
    Dootson, Paula
    Kuligowski, Erica
    Greer, Dominique A.
    Miller, Sophie A.
    Tippett, Vivienne
    INTERNATIONAL JOURNAL OF DISASTER RISK REDUCTION, 2022, 70
  • [46] Modeling the effect of information quality on risk behavior change and the transmission of infectious diseases
    Chen, Frederick H.
    MATHEMATICAL BIOSCIENCES, 2009, 217 (02) : 125 - 133
  • [47] Risk-based analysis of manufacturing systems
    Lazov, Igor
    INTERNATIONAL JOURNAL OF PRODUCTION RESEARCH, 2019, 57 (22) : 7089 - 7103
  • [48] Forty Years of Risk Analysis: A Scientometric Overview
    Goerlandt, Floris
    Li, Jie
    RISK ANALYSIS, 2022, 42 (10) : 2253 - 2274
  • [49] Analysis of an information network
    Ruiz, A
    TRANSFUSION CLINIQUE ET BIOLOGIQUE, 2000, 7 : 80S - 83S
  • [50] Cognitive and Affective Processing of Risk Information: A Survey Experiment on Risk-Based Decision-Making Related to Crime and Public Safety
    Berryessa, Colleen M.
    Caplan, Joel M.
    FRONTIERS IN PSYCHOLOGY, 2020, 11
12345