22 November 2012
An Asset-Centric Approach for Engineering Adaptive Security
Meeting Room 10, 2nd Floor, JLB
12:30pm - 13:45pm
Dr Liliana Pasquale - Lero
Security is primarily concerned with protecting assets from harm. Identifying and evaluating assets are therefore key activities in any security engineering process – from modeling threats and attacks, discovering existing vulnerabilities, to selecting appropriate security controls. However, despite their crucial role, assets are often neglected during the development of secure software systems. Indeed, many systems are designed with fixed security boundaries and assumptions, without the possibility to adapt when assets change unexpectedly, new threats arise, or undiscovered vulnerabilities are revealed.
To handle such changes, systems must be capable of dynamically enabling different security controls. In this talk, assets are promoted as first-class entities in engineering secure software systems. An asset model is related to requirements, expressed through a goal model, and to the objectives of an attacker, expressed through a threat model. These models are then used as input to build a causal network to analyze system security in different situations, and to enable, when necessary, a set of security controls to mitigate security threats. The three models and the causal network are used to configure the activities of a MAPE (Monitor, Analysis, Planning, and Execution) loop. These activities are performed at runtime to detect changes in assets and other relevant security concerns (Monitoring), re-estimate the security risk and the utility of all configurations of security controls (Analysis), select the configuration of security controls with the best utility (Planning), and apply it on the system (Execution). The approach is illustrated through several examples, ranging from cloud computing to mobile applications, access control systems and smart grids.