Assessing security and privacy behavioural risks for self-protection systems

Yijun Yu*, Yoshioka Nobukazu, Tetsuo Tamai

*この研究の対応する著者

研究成果

3 被引用数 (Scopus)

抄録

Security and privacy can often be considered from two perspectives. The first perspective is that of the attacker who seeks to exploit vulnerabilities of the system to harm assets such as the software system itself or its users. The second perspective is that of the defender who seeks to protect the assets by minimising the likelihood of attacks on those assets. This chapter focuses on analysing security and privacy risks from these two perspectives considering both the software system and its uncertain environment including uncertain human behaviours. These risks are dynamically changing at runtime, making them even harder to analyse. To compute the range of these risks, we highlight how to alternate between the attacker and the defender perspectives as part of an iterative process. We then quantify the risk assessment as part of adaptive security and privacy mechanisms complementing the logic reasoning of qualitative risks in argumentation (Yu et al., J Syst Softw 106:102(replacement character)116, 2015). We illustrate the proposed approach through the risk analysis of examples in security and privacy.

本文言語English
ホスト出版物のタイトルEngineering adaptive software systems
ホスト出版物のサブタイトルCommunications of nii shonan meetings
出版社Springer Singapore
ページ135-147
ページ数13
ISBN(電子版)9789811321856
ISBN(印刷版)9789811321849
DOI
出版ステータスPublished - 2019 1 14
外部発表はい

ASJC Scopus subject areas

  • コンピュータ サイエンス(全般)

フィンガープリント

「Assessing security and privacy behavioural risks for self-protection systems」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル