TY - JOUR
T1 - Effectiveness of qualitative and quantitative security obligations
AU - Pieters, W.
AU - Padget, J.
AU - Dechesne, F.
AU - Dignum, V.
AU - Aldewereld, H.
N1 - Foreground = 50%; Type of activity = publication; Main leader = TUD; Type of audience = scientific community;Size of audience = n.a.; Countries addressed = international;
PY - 2015/6
Y1 - 2015/6
N2 - Security policies in organisations typically take the form of obligations for the employees. However, it is often unclear what the purpose of such obligations is, and how these can be integrated in the operational processes of the organisation. This can result in policies that may be either too strong or too weak, leading to unnecessary productivity loss, or the possibility of becoming victim to attacks that exploit the weaknesses, respectively. In this paper, we propose a framework in which the security obligations of employees are linked directly to prohibitions that prevent external agents (attackers) from reaching their goals. We use logic-based and graph-based approaches to formalise and reason about such policies, and show how the framework can be used to verify correctness of the associated refinements. Finally, we extend the graph-based model with quantitative policies and associated quantitative analysis, based on the time an adversary needs for an attack. The framework can assist organisations in aligning security policies with their threat model.
AB - Security policies in organisations typically take the form of obligations for the employees. However, it is often unclear what the purpose of such obligations is, and how these can be integrated in the operational processes of the organisation. This can result in policies that may be either too strong or too weak, leading to unnecessary productivity loss, or the possibility of becoming victim to attacks that exploit the weaknesses, respectively. In this paper, we propose a framework in which the security obligations of employees are linked directly to prohibitions that prevent external agents (attackers) from reaching their goals. We use logic-based and graph-based approaches to formalise and reason about such policies, and show how the framework can be used to verify correctness of the associated refinements. Finally, we extend the graph-based model with quantitative policies and associated quantitative analysis, based on the time an adversary needs for an attack. The framework can assist organisations in aligning security policies with their threat model.
KW - Refinement
KW - SCS-Cybersecurity
KW - Graphs
KW - Logics
KW - Prohibitions
KW - Security policies
KW - Obligations
KW - EC Grant Agreement nr.: FP7/2007-2013
KW - EC Grant Agreement nr.: FP7/318003
KW - EC Grant Agreement nr.: FP7/261696
KW - n/a OA procedure
UR - http://www.scopus.com/inward/record.url?scp=84951910046&partnerID=8YFLogxK
U2 - 10.1016/j.jisa.2014.07.003
DO - 10.1016/j.jisa.2014.07.003
M3 - Article
SN - 2214-2126
VL - 22
SP - 3
EP - 16
JO - Journal of information security and applications
JF - Journal of information security and applications
T2 - Journal of Information Security and Applications
Y2 - 1 June 2015 through 1 June 2015
ER -