Representing humans in system security models: An actor-network approach

  • 37 Citations

Abstract

System models to assess the vulnerability of information systems to security threats typically represent a physical infrastructure (buildings) and a digital infrastructure (computers and networks), in combination with an attacker traversing the system while acquiring credentials. Other humans are generally not included, as their behaviour is considered more difficult to express. We propose a graph-based reference model for reasoning about access in system models including human actions, inspired by the sociological actor-network theory, treating humans and non-humans symmetrically. This means that humans can employ things to gain access (an attacker gains access to a room by means of a key), but things can also employ humans to gain access (a USB stick gains access to a computer by means of an employee), leading to a simple but expressive model. The model has the additional advantage that it is not based on containment, an increasingly problematic notion in the age of disappearing boundaries between systems. Based on the reference model, we discuss algorithms for finding attacks, as well as examples. The reference model can serve as a starting point for discussing representations of human behaviour in system models, and for including human behaviour in other than graph-based approaches.
Original language: Undefined
Pages (from-to): 75-92
Number of pages: 18
Journal: Journal of wireless mobile networks, ubiquitous computing, and dependable applications
Volume: 2
Issue number: 1
State: Published - 2011

Fingerprint

Circuit theory
Information systems
Personnel

Keywords

  • EWI-19934
  • SCS-Cybersecurity
  • Socio-Technical Systems
  • containment
  • Actor-Network Theory
  • vulnerability analysis
  • security modelling
  • METIS-279149
  • IR-76541
  • hypergraphs

Cite this

@article{6d5ae3f8a4a64f6cbcff22d8fbdc6fb1,
title = "Representing humans in system security models: An actor-network approach",
abstract = "System models to assess the vulnerability of information systems to security threats typically represent a physical infrastructure (buildings) and a digital infrastructure (computers and networks), in combination with an attacker traversing the system while acquiring credentials. Other humans are generally not included, as their behaviour is considered more difficult to express. We propose a graph-based reference model for reasoning about access in system models including human actions, inspired by the sociological actor-network theory, treating humans and non-humans symmetrically. This means that humans can employ things to gain access (an attacker gains access to a room by means of a key), but things can also employ humans to gain access (a USB stick gains access to a computer by means of an employee), leading to a simple but expressive model. The model has the additional advantage that it is not based on containment, an increasingly problematic notion in the age of disappearing boundaries between systems. Based on the reference model, we discuss algorithms for finding attacks, as well as examples. The reference model can serve as a starting point for discussing representations of human behaviour in system models, and for including human behaviour in other than graph-based approaches.",
keywords = "EWI-19934, SCS-Cybersecurity, Socio-Technical Systems, containment, Actor-Network Theory, vulnerability analysis, security modelling, METIS-279149, IR-76541, hypergraphs",
author = "Wolter Pieters",
note = "Open Access",
year = "2011",
volume = "2",
pages = "75--92",
journal = "Journal of wireless mobile networks, ubiquitous computing, and dependable applications",
issn = "2093-5374",
publisher = "Innovative Information Science \& Technology Research Group (ISYOU)",
number = "1",

}

TY - JOUR

T1 - Representing humans in system security models: An actor-network approach

AU - Pieters,Wolter

N1 - Open Access

PY - 2011

Y1 - 2011

N2 - System models to assess the vulnerability of information systems to security threats typically represent a physical infrastructure (buildings) and a digital infrastructure (computers and networks), in combination with an attacker traversing the system while acquiring credentials. Other humans are generally not included, as their behaviour is considered more difficult to express. We propose a graph-based reference model for reasoning about access in system models including human actions, inspired by the sociological actor-network theory, treating humans and non-humans symmetrically. This means that humans can employ things to gain access (an attacker gains access to a room by means of a key), but things can also employ humans to gain access (a USB stick gains access to a computer by means of an employee), leading to a simple but expressive model. The model has the additional advantage that it is not based on containment, an increasingly problematic notion in the age of disappearing boundaries between systems. Based on the reference model, we discuss algorithms for finding attacks, as well as examples. The reference model can serve as a starting point for discussing representations of human behaviour in system models, and for including human behaviour in other than graph-based approaches.

AB - System models to assess the vulnerability of information systems to security threats typically represent a physical infrastructure (buildings) and a digital infrastructure (computers and networks), in combination with an attacker traversing the system while acquiring credentials. Other humans are generally not included, as their behaviour is considered more difficult to express. We propose a graph-based reference model for reasoning about access in system models including human actions, inspired by the sociological actor-network theory, treating humans and non-humans symmetrically. This means that humans can employ things to gain access (an attacker gains access to a room by means of a key), but things can also employ humans to gain access (a USB stick gains access to a computer by means of an employee), leading to a simple but expressive model. The model has the additional advantage that it is not based on containment, an increasingly problematic notion in the age of disappearing boundaries between systems. Based on the reference model, we discuss algorithms for finding attacks, as well as examples. The reference model can serve as a starting point for discussing representations of human behaviour in system models, and for including human behaviour in other than graph-based approaches.

KW - EWI-19934

KW - SCS-Cybersecurity

KW - Socio-Technical Systems

KW - containment

KW - Actor-Network Theory

KW - vulnerability analysis

KW - security modelling

KW - METIS-279149

KW - IR-76541

KW - hypergraphs

M3 - Article

VL - 2

SP - 75

EP - 92

JO - Journal of wireless mobile networks, ubiquitous computing, and dependable applications

T2 - Journal of wireless mobile networks, ubiquitous computing, and dependable applications

JF - Journal of wireless mobile networks, ubiquitous computing, and dependable applications

SN - 2093-5374

IS - 1

ER -