Model-based Situational Security Analysis
نویسندگان
چکیده
Security analysis is growing in complexity with the increase in functionality, connectivity, and dynamics of current electronic business processes. To tackle this complexity, the application of models in pre-operational phases is becoming standard practice. Runtime models are also increasingly applied to analyze and validate the actual security status of business process instances. In this paper we present an approach to support not only model-based evaluation of the current security status of business process instances, but also to allow for decision support by analyzing close-future process states. Our approach is based on operational formal models derived from development-time process and security models. This paper exemplifies our approach utilizing real world processes from the logistics domain and demonstrates the systematic development and application of runtime models for situational security analysis.
منابع مشابه
A Novel Approach for Security Situational Awareness in the Internet of Things
Internet of ings (IoT) is characterized by various of heterogeneous devices and facing numerous threats. Modeling security of IoT is still a certain challenge. is paper denes a Stochastic Colored Petri Net (SCPN) for IoT-based smart environment and then proposes a Markov Game model for security situational awareness (SSA) in the dened SCPN. All possible aack paths are computed by the SCPN,...
متن کاملAnalysis and Assessment of Situational Awareness Models for National Cyber Security Centers
National cyber security centers (NCSCs) are gaining more and more importance to ensure the security and proper operations of critical infrastructures (CIs). As a prerequisite, NCSCs need to collect, analyze, process, assess and share security-relevant information from infrastructure operators. A vital capability of mentioned NCSCs is to establish Cyber Situational Awareness (CSA) as a precondit...
متن کاملSecurity and Business Situational Awareness
“Security needs to be aligned with business”. Business situational awareness is the ability to continually monitor ongoing actions and events related to business operations and estimate the immediate and close-future impact of the new information. This ability is crucial for business continuity and should encompass all associated aspects. Considering the growing dependability of businesses on I...
متن کاملComputationally secure multiple secret sharing: models, schemes, and formal security analysis
A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants. in such a way a multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secur...
متن کاملPreliminary Findings from an Exploratory Qualitative Study of Security-Conscious Users of Mobile Authentication
Authentication on mobile devices is a research priority for the development of usable and trustworthy platforms. However, users may struggle to understand how to balance security and usability for the broad range of important data-driven social and financial transactions on their devices. This concern is especially prevalent in security information workers sensitized to mobile technology vulner...
متن کامل