2010
DOI: 10.1007/978-3-642-16074-5_9
|View full text |Cite
|
Sign up to set email alerts
|

Portunes: Representing Attack Scenarios Spanning through the Physical, Digital and Social Domain

Abstract: The security goals of an organization are realized through security policies, which concern physical security, digital security and security awareness. An insider is aware of these security policies, and might be able to thwart the security goals by combining physical, digital and social means. A systematic analysis of such attacks requires the whole environment where the insider operates to be formally represented. This paper presents Portunes, a framework which integrates all three security domains in a sing… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
38
0

Year Published

2015
2015
2021
2021

Publication Types

Select...
6

Relationship

0
6

Authors

Journals

citations
Cited by 32 publications
(38 citation statements)
references
References 5 publications
0
38
0
Order By: Relevance
“…As stated above, both the ExASyM [7] and Portunes [8] modelling languages fulfil the above requirements for using our approach, as does any Klaim-like models [12] in general. While Klaim models process mobility by processes moving from node to node, we request processes to reside in special nodes that move around with the process.…”
Section: Graphical System Modelsmentioning
confidence: 65%
See 3 more Smart Citations
“…As stated above, both the ExASyM [7] and Portunes [8] modelling languages fulfil the above requirements for using our approach, as does any Klaim-like models [12] in general. While Klaim models process mobility by processes moving from node to node, we request processes to reside in special nodes that move around with the process.…”
Section: Graphical System Modelsmentioning
confidence: 65%
“…System models includes representations of both the physical and the digital infrastructure of an organisation. This is similar to approaches such as ExASyM [7] and Portunes [8], which represent relevant elements as nodes in a graph, that form the natural basis for the application of our techniques. However, for the current work, we do not require a particular kind of representation: the only requirement is that the core concepts discussed later in this section can be extracted from the underlying model.…”
Section: Graphical System Models and Attack Modelsmentioning
confidence: 78%
See 2 more Smart Citations
“…The only requirement is that all model elements have unique identifiers that establish the link between their occurrences in the attack tree and the model, respectively. While we present them in the setting of the TRE S PASS model, which is similar to ExASyM [11] and Portunes [12], the general approach can be applied to any graphical system model and any attack model. For example, the metrics used for visualising model components can also be output as a text file for sorting and further analysis.…”
Section: Introductionmentioning
confidence: 99%