Mobility

Representing Humans in System Security Models: An Actor-Network Approach

Download Now Free registration required

Executive Summary

System models to assess the vulnerability of information systems to security threats typically represent a physical infrastructure (buildings) and a digital infrastructure (computers and networks), in combination with an attacker traversing the system while acquiring credentials. Other humans are generally not included, as their behavior is considered more difficult to express. The authors propose a graph-based reference model for reasoning about access in system models including human actions, inspired by the sociological actor-network theory, treating humans and non-humans symmetrically.

  • Format: PDF
  • Size: 532.7 KB