Change search
ReferencesLink to record
Permanent link

Direct link
Integrated metamodel for security analysis
KTH, School of Electrical Engineering (EES), Electric power and energy systems.ORCID iD: 0000-0003-1464-6163
KTH, School of Electrical Engineering (EES), Electric power and energy systems.ORCID iD: 0000-0001-7386-7471
KTH, School of Electrical Engineering (EES), Electric power and energy systems.
KTH, School of Electrical Engineering (EES), Electric power and energy systems.ORCID iD: 0000-0002-3293-1681
2015 (English)In: 2015 48TH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS), IEEE Computer Society, 2015, 5192-5200 p.Conference paper (Refereed)Text
Abstract [en]

This paper proposes a metamodel for analyzing security aspects of enterprise architecture by combining analysis of cybersecurity with analysis of interoperability and availability. The metamodel extends an existing attack graph based metamodel for cybersecurity modeling and evaluation, (PCySeMoL)-Cy-2, and incorporates several new elements and evaluation rules. The approach improves security analysis by combining two ways of evaluating reachability: one which considers ordinary user activity and another, which considers technically advanced techniques for penetration and attack. It is thus permitting to evaluate security in interoperability terms by revealing attack possibilities of legitimate users. Combined with data import from various sources, like an enterprise architecture data repository, the instantiations of the proposed metamodel allow for a more holistic overview of the threats to the architecture than the previous version. Additional granularity is added to the analysis with the reachability need concept and by enabling the consideration of unavailable and unreliable systems.

Place, publisher, year, edition, pages
IEEE Computer Society, 2015. 5192-5200 p.
Series
, Proceedings of the Annual Hawaii International Conference on System Sciences, ISSN 1060-3425
National Category
Computer Science
Identifiers
URN: urn:nbn:se:kth:diva-181009DOI: 10.1109/HICSS.2015.613ISI: 000366264105039ScopusID: 2-s2.0-84944219720ISBN: 978-1-4799-7367-5OAI: oai:DiVA.org:kth-181009DiVA: diva2:897785
Conference
48th Annual Hawaii International Conference on System Sciences (HICSS), JAN 05-08, 2015, Kauai, HI
Note

QC 20160126

Available from: 2016-01-26 Created: 2016-01-26 Last updated: 2016-02-26Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Välja, MargusKorman, MatusShahzad, KhurramJohnson, Pontus
By organisation
Electric power and energy systems
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Altmetric score

Total: 19 hits
ReferencesLink to record
Permanent link

Direct link