Title | ||
---|---|---|
Portunes: representing attack scenarios spanning through the physical, digital and social domain |
Abstract | ||
---|---|---|
The security goals of an organization are realized through security policies, which concern physical security, digital security and security awareness. An insider is aware of these security policies, and might be able to thwart the security goals by combining physical, digital and social means. A systematic analysis of such attacks requires the whole environment where the insider operates to be formally represented. This paper presents Portunes, a framework which integrates all three security domains in a single environment. Portunes consists of a high-level abstraction model focusing on the relations between the three security domains and a lower abstraction level language able to represent the model and describe attacks which span the three security domains. Using the Portunes framework, we are able to represent a whole new family of attacks where the insider is not assumed to use purely digital actions to achieve a malicious goal. |
Year | Venue | Keywords |
---|---|---|
2010 | ARSPA-WITS | digital action,security awareness,portunes framework,social domain,lower abstraction level language,digital security,attack scenario,security policy,high-level abstraction model,concern physical security,security goal,security domain,security model |
Field | DocType | Volume |
Security convergence,Security testing,Security through obscurity,Physical security,Computer security,Computer science,Security service,Cloud computing security,Security information and event management,Computer security model | Conference | 6186 |
ISSN | ISBN | Citations |
0302-9743 | 3-642-16073-5 | 22 |
PageRank | References | Authors |
1.18 | 4 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Trajce Dimkov | 1 | 73 | 6.27 |
Wolter Pieters | 2 | 226 | 28.57 |
Pieter Hartel | 3 | 1159 | 115.28 |