Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems

Conference paper

DOI: 10.1007/978-3-319-46598-2_12

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9871)
Cite this paper as:
Lenzini G., Mauw S., Ouchani S. (2016) Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems. In: Barthe G., Markatos E., Samarati P. (eds) Security and Trust Management. STM 2016. Lecture Notes in Computer Science, vol 9871. Springer, Cham

Abstract

A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question formally. We model the information flow defined by what the organization’s employees do (copy, move, and destroy information) and propose an algorithm that enforces a policy on the model, before checking against an adversary if a security requirement holds.

Keywords

Socio-Technical-Physical Systems Modelling security and policies 

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.Interdisciplinary Centre for Security, Reliability and TrustUniversity of LuxembourgLuxembourgLuxembourg
  2. 2.CSC/Interdisciplinary Centre for Security, Reliability and TrustUniversity of LuxembourgLuxembourgLuxembourg

Personalised recommendations