Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems

Gabriele Lenzini, Sjouke Mauw, Samir Ouchani

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    Abstract

    A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question formally. We model the information flow defined by what the organization’s employees do (copy, move, and destroy information) and propose an algorithm that enforces a policy on the model, before checking against an adversary if a security requirement holds.
    Original languageEnglish
    Title of host publication12th International Workshop on Security and Trust Management, STM 2016
    EditorsGilles Barthe, Evangelos Markatos, Pierangela Samarati
    Place of PublicationBerlin
    PublisherSpringer
    Pages170-178
    Number of pages9
    ISBN (Print)9783319465975
    DOIs
    Publication statusPublished - 17 Sep 2016

    Publication series

    NameLecture notes in computer science
    PublisherSpringer
    Volume9871
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Fingerprint

    Efficacy
    Socio-technical systems
    Security policy
    Information flow
    Threat
    Access control
    Model checking
    Employees

    Keywords

    • EC Grant Agreement nr.: FP7/318003
    • EC Grant Agreement nr.: FP7/2007-2013
    • IR-101603
    • Socio-Technical-Physical Systems · Modelling security and policies
    • METIS-318546
    • EWI-27280

    Cite this

    Lenzini, G., Mauw, S., & Ouchani, S. (2016). Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems. In G. Barthe, E. Markatos, & P. Samarati (Eds.), 12th International Workshop on Security and Trust Management, STM 2016 (pp. 170-178). (Lecture notes in computer science; Vol. 9871). Berlin: Springer. https://doi.org/10.1007/978-3-319-46598-2_12
    Lenzini, Gabriele ; Mauw, Sjouke ; Ouchani, Samir. / Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems. 12th International Workshop on Security and Trust Management, STM 2016. editor / Gilles Barthe ; Evangelos Markatos ; Pierangela Samarati. Berlin : Springer, 2016. pp. 170-178 (Lecture notes in computer science).
    @inproceedings{51d27a9663a542f2adf3f4b54092e3c2,
    title = "Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems",
    abstract = "A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question formally. We model the information flow defined by what the organization’s employees do (copy, move, and destroy information) and propose an algorithm that enforces a policy on the model, before checking against an adversary if a security requirement holds.",
    keywords = "EC Grant Agreement nr.: FP7/318003, EC Grant Agreement nr.: FP7/2007-2013, IR-101603, Socio-Technical-Physical Systems · Modelling security and policies, METIS-318546, EWI-27280",
    author = "Gabriele Lenzini and Sjouke Mauw and Samir Ouchani",
    note = "eemcs-eprint-27280",
    year = "2016",
    month = "9",
    day = "17",
    doi = "10.1007/978-3-319-46598-2_12",
    language = "English",
    isbn = "9783319465975",
    series = "Lecture notes in computer science",
    publisher = "Springer",
    pages = "170--178",
    editor = "Gilles Barthe and Evangelos Markatos and Pierangela Samarati",
    booktitle = "12th International Workshop on Security and Trust Management, STM 2016",

    }

    Lenzini, G, Mauw, S & Ouchani, S 2016, Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems. in G Barthe, E Markatos & P Samarati (eds), 12th International Workshop on Security and Trust Management, STM 2016. Lecture notes in computer science, vol. 9871, Springer, Berlin, pp. 170-178. https://doi.org/10.1007/978-3-319-46598-2_12

    Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems. / Lenzini, Gabriele; Mauw, Sjouke; Ouchani, Samir.

    12th International Workshop on Security and Trust Management, STM 2016. ed. / Gilles Barthe; Evangelos Markatos; Pierangela Samarati. Berlin : Springer, 2016. p. 170-178 (Lecture notes in computer science; Vol. 9871).

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    TY - GEN

    T1 - Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems

    AU - Lenzini, Gabriele

    AU - Mauw, Sjouke

    AU - Ouchani, Samir

    N1 - eemcs-eprint-27280

    PY - 2016/9/17

    Y1 - 2016/9/17

    N2 - A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question formally. We model the information flow defined by what the organization’s employees do (copy, move, and destroy information) and propose an algorithm that enforces a policy on the model, before checking against an adversary if a security requirement holds.

    AB - A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question formally. We model the information flow defined by what the organization’s employees do (copy, move, and destroy information) and propose an algorithm that enforces a policy on the model, before checking against an adversary if a security requirement holds.

    KW - EC Grant Agreement nr.: FP7/318003

    KW - EC Grant Agreement nr.: FP7/2007-2013

    KW - IR-101603

    KW - Socio-Technical-Physical Systems · Modelling security and policies

    KW - METIS-318546

    KW - EWI-27280

    U2 - 10.1007/978-3-319-46598-2_12

    DO - 10.1007/978-3-319-46598-2_12

    M3 - Conference contribution

    SN - 9783319465975

    T3 - Lecture notes in computer science

    SP - 170

    EP - 178

    BT - 12th International Workshop on Security and Trust Management, STM 2016

    A2 - Barthe, Gilles

    A2 - Markatos, Evangelos

    A2 - Samarati, Pierangela

    PB - Springer

    CY - Berlin

    ER -

    Lenzini G, Mauw S, Ouchani S. Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems. In Barthe G, Markatos E, Samarati P, editors, 12th International Workshop on Security and Trust Management, STM 2016. Berlin: Springer. 2016. p. 170-178. (Lecture notes in computer science). https://doi.org/10.1007/978-3-319-46598-2_12