Go with the Flow: Toward Workflow-Oriented Security Assessment

In this paper, the authors advocate the use of workflow-describing how a system provides its intended functionality-as a pillar of cybersecurity analysis and propose a holistic workflow-oriented assessment framework. While workflow models are currently used in the area of performance and reliability assessment, these approaches are designed neither to assess a system in the presence of an active attacker, nor to assess security aspects such as confidentiality. On the other hand, existing security assessment methods typically focus on modeling the active attacker (e.g., attack graphs), but many rely on restrictive models that are not readily applicable to complex (e.g., cyber-physical or cyber-human) systems.

Provided by: Association for Computing Machinery Topic: Security Date Added: Nov 2013 Format: PDF

Find By Topic