Portunes: Representing attack scenarios spanning through the physical, digital and social domain

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 6186 LNCS, Issue , 2010, Pages 112-129

  Dimkov, Trajce ^a   Pieters, Wolter ^a   Hartel, Pieter ^a  

^a UNIVERSITY OF TWENTE   (Netherlands)

Author keywords

insider threat; physical security; security awareness; security model

Indexed keywords

ABSTRACTION LEVEL; ATTACK SCENARIOS; DIGITAL SECURITY; HIGH-LEVEL ABSTRACTION; INSIDER THREAT; PHYSICAL SECURITY; SECURITY AWARENESS; SECURITY DOMAINS; SECURITY GOALS; SECURITY MODEL; SECURITY POLICY; SOCIAL DOMAINS; SYSTEMATIC ANALYSIS;

ABSTRACTING; AUTOMATA THEORY; HIGH LEVEL LANGUAGES; NETWORK SECURITY; PROBLEM SOLVING; SECURITY SYSTEMS; XML;

NETWORK PROTOCOLS; XML;

EID: 78449295810     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-16074-5_9     Document Type: Conference Paper

References (12)

1. INFOSEC Research Council. Hard problem list (November 2005), http://www.cyber.st.dhs.gov/docs/IRC-Hard-Problem-List.pdf
2. Randazzo, M.R., Keeney, M., Kowalski, E., Cappelli, D., Moore, A.: Insider threat study: Illicit cyber activity in the banking and finance sector. U.S. Secret Service and CERT Coordination Center Software Engineering Institute (2004)
3. DePoy, J., Phelan, J., Sholander, P., Smith, B.J., Varnado, G.B., Wyss, G.D., Darby, J., Walter, A.: Critical infrastructure systems of systems assessment methodology. Technical Report SAND2006-6399, Sandia National Laboratories (October 2007)
4. Stasiukonis, S.: Social engineering the usb way (2006), http://www.darkreading.com/document.asp?doc-id=95556
5. Dragovic, B., Crowcroft, J.: Containment: from context awareness to contextual effects awareness. In: Proceedings of 2nd Inernational Workshop on Software Aspects of Context. CEUR Workshop Proceedings (2005)
6. Scott, D.J.: Abstracting Application-Level Security Policy for Ubiquitous Computing. PhD thesis, University of Cambridge, Cambridge (2004)
7. De Nicola, R., Ferrari, G.L., Pugliese, R.: KLAIM: A kernel language for agents interaction and mobility. IEEE Transactions on software engineering 24(5), 315-330 (1998) (Pubitemid 128741958)
8. Gorla, D., Pugliese, R.: Resource access and mobility control with dynamic privileges acquisition. In: Baeten, J.C.M., Lenstra, J.K., Parrow, J., Woeginger, G.J. (eds.) ICALP 2003. LNCS, vol. 2719, pp. 119-132. Springer, Heidelberg (2003)
9. Bettini, L., Loreti, M., Pugliese, R.: An infrastructure language for open nets. In: SAC 2002: Proceedings of the 2002 ACM Symposium on Applied Computing, pp. 373-377. ACM, New York (2002)
10. Probst, C.W., Hansen, R.R., Nielson, F.: Where can an insider attack? In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2006. LNCS, vol. 4691, pp. 127-142. Springer, Heidelberg (2007)
11. Dimkov, T., Tang, Q., Hartel, P.H.: On the inability of existing security models to cope with data mobility in dynamic organizations. In: Proceedings of theWorkshop on Modeling Security. CEUR Workshop Proceedings (2008)
12. AlZarouni, M.: The reality of risks from consented use of usb devices. In: Valli, C., Woodward, A. (eds.) Proceedings of the 4th Australian Information Security Conference, pp. 5-15 (2006)