International Conference on Human Aspects of Information Security, Privacy, and Trust

HAS 2014: Human Aspects of Information Security, Privacy, and Trust pp 233-245

Compositional Security Modelling

Structure, Economics, and Behaviour
  • Tristan Caulfield
  • David Pym
  • Julian Williams
Conference paper

DOI: 10.1007/978-3-319-07620-1_21

Volume 8533 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Caulfield T., Pym D., Williams J. (2014) Compositional Security Modelling. In: Tryfonas T., Askoxylakis I. (eds) Human Aspects of Information Security, Privacy, and Trust. HAS 2014. Lecture Notes in Computer Science, vol 8533. Springer, Cham

Abstract

Security managers face the challenge of formulating and implementing policies that deliver their desired system security postures — for example, their preferred balance of confidentiality, integrity, and availability — within budget (monetary and otherwise). In this paper, we describe a security modelling methodology, grounded in rigorous mathematical systems modelling and economics, that captures the managers’ policies and the behavioural choices of agents operating within the system. Models are executable, so allowing systematic experimental exploration of the system-policy co-design space, and compositional, so managing the complexity of large-scale systems.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Tristan Caulfield
    • 1
  • David Pym
    • 1
  • Julian Williams
    • 2
  1. 1.Department of Computer ScienceUniversity College LondonUK
  2. 2.Business SchoolUniversity of DurhamUK