Reference : From Situation Awareness to Action: An Information Security Management Toolkit for So...
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/29940
From Situation Awareness to Action: An Information Security Management Toolkit for Socio-Technical Security Retrospective and Prospective Analysis
English
Huynen, Jean-Louis mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Lenzini, Gabriele mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
2017
Proceedings of the 3rd International Conference on Information Systems Security and Privacy
Yes
ICISSP - 3rd International Conference on Information Systems Security and Privacy
from 19-02-2017 to 21-02-2017
Porto
Portugal
[en] Socio-Technical Security ; Information Security Management and Reasoning ; Root Cause Analysis
[en] Inspired by the root cause analysis procedures common in safety, we propose a methodology for a prospective and a retrospective analysis of security and a tool that implements it. When applied prospectively, the methodology guides analysts to assess socio-technical vulnerabilities in a system, helping them to evaluate their choices in designing security policies and controls. But the methodology works also retrospectively. It assists analysts in retrieving the causes of an observed socio-technical attack, guiding them to understand where the information security management of the system has failed. The methodology is tuned to find causes that root in the human-related factors that an attacher can exploit to execute its intrusion.
Fonds National de la Recherche - FnR
http://hdl.handle.net/10993/29940
FnR ; FNR1183245 > Peter Y. A. Ryan > STAST > Socio-Technical Analysis of Security and Trust > 01/05/2012 > 30/04/2015 > 2011

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
SCREAM.pdfAuthor postprint765.22 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.