Caulfield, T. and Pym, D. and Williams, J. (2014) 'Compositional security modelling : structure, economics, and behaviour.', in Human aspects of information security, privacy, and trust : 2nd International Conference, HAS 2014, Held as part of HCI International 2014, Heraklion, Crete, Greece, June 22-27, 2014 : proceedings. Heidelberg: Springer, pp. 233-245. Lecture notes in computer science., 8533 (8533).
Abstract
Security managers face the challenge of formulating and implementing policies that deliver their desired system security postures — for example, their preferred balance of confidentiality, integrity, and availability — within budget (monetary and otherwise). In this paper, we describe a security modelling methodology, grounded in rigorous mathematical systems modelling and economics, that captures the managers’ policies and the behavioural choices of agents operating within the system. Models are executable, so allowing systematic experimental exploration of the system-policy co-design space, and compositional, so managing the complexity of large-scale systems.
| Item Type: | Book chapter |
|---|---|
| Full text: | (AM) Accepted Manuscript Download PDF (403Kb) |
| Status: | Peer-reviewed |
| Publisher Web site: | http://dx.doi.org/10.1007/978-3-319-07620-1_21 |
| Publisher statement: | The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-07620-1_21 |
| Date accepted: | No date available |
| Date deposited: | 07 July 2015 |
| Date of first online publication: | June 2014 |
| Date first made open access: | No date available |
Save or Share this output
| Export: | |
| Look up in GoogleScholar |
