An analysis of security incidents on the Internet 1989-1995
An analysis of security incidents on the Internet 1989-1995
A security architecture to protect against the insider threat from damage, fraud and theft
Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
A framework for modelling security architectures in services ecosystems
ESOCC'12 Proceedings of the First European conference on Service-Oriented and Cloud Computing
| Hi-index | 0.00 |
Existing practical architectural models have been proposed with a hierarchy of layers such as Neumann's 8-layered security model. These models cannot reason about complex systems convincingly, so we need new models for systematic and faithful analysis. We have simplified Neumann's model to create a three-layer security model that can be used for understanding and reasoning about the security of complex systems and formalised to automate analysis. The three layers are the semantic (involving people and organisations), logical (computers and networks) and physical layers including the relationships and interactions between them. Our model can be used to analyse systems more systematically and holistically including human and physical factors, rather than as technical systems alone. The model is applied to examine the security of the electricity grid, which is very difficult to analyse because of its complexity. It can also model other aspects of critical infrastructure and other complex systems such as financial networks.