Assessing security and privacy behavioural risks for self-protection systems

Yijun Yu*, Yoshioka Nobukazu, Tetsuo Tamai



3 被引用数 (Scopus)


Security and privacy can often be considered from two perspectives. The first perspective is that of the attacker who seeks to exploit vulnerabilities of the system to harm assets such as the software system itself or its users. The second perspective is that of the defender who seeks to protect the assets by minimising the likelihood of attacks on those assets. This chapter focuses on analysing security and privacy risks from these two perspectives considering both the software system and its uncertain environment including uncertain human behaviours. These risks are dynamically changing at runtime, making them even harder to analyse. To compute the range of these risks, we highlight how to alternate between the attacker and the defender perspectives as part of an iterative process. We then quantify the risk assessment as part of adaptive security and privacy mechanisms complementing the logic reasoning of qualitative risks in argumentation (Yu et al., J Syst Softw 106:102(replacement character)116, 2015). We illustrate the proposed approach through the risk analysis of examples in security and privacy.

ホスト出版物のタイトルEngineering adaptive software systems
ホスト出版物のサブタイトルCommunications of nii shonan meetings
出版社Springer Singapore
出版ステータスPublished - 2019 1月 14

ASJC Scopus subject areas

  • コンピュータ サイエンス(全般)


「Assessing security and privacy behavioural risks for self-protection systems」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。