Reference Hub2
Trust Based Interdependency Weighting for On-Line Risk Monitoring in Interdependent Critical Infrastructures

Trust Based Interdependency Weighting for On-Line Risk Monitoring in Interdependent Critical Infrastructures

Filipe Caldeira, Thomas Schaberreiter, Sébastien Varrette, Edmundo Monteiro, Paulo Simões, Pascal Bouvry, Djamel Khadraoui
Copyright: © 2013 |Volume: 4 |Issue: 4 |Pages: 23
ISSN: 1947-3036|EISSN: 1947-3044|EISBN13: 9781466635302|DOI: 10.4018/ijsse.2013100103
Cite Article Cite Article

MLA

Caldeira, Filipe, et al. "Trust Based Interdependency Weighting for On-Line Risk Monitoring in Interdependent Critical Infrastructures." IJSSE vol.4, no.4 2013: pp.47-69. http://doi.org/10.4018/ijsse.2013100103

APA

Caldeira, F., Schaberreiter, T., Varrette, S., Monteiro, E., Simões, P., Bouvry, P., & Khadraoui, D. (2013). Trust Based Interdependency Weighting for On-Line Risk Monitoring in Interdependent Critical Infrastructures. International Journal of Secure Software Engineering (IJSSE), 4(4), 47-69. http://doi.org/10.4018/ijsse.2013100103

Chicago

Caldeira, Filipe, et al. "Trust Based Interdependency Weighting for On-Line Risk Monitoring in Interdependent Critical Infrastructures," International Journal of Secure Software Engineering (IJSSE) 4, no.4: 47-69. http://doi.org/10.4018/ijsse.2013100103

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Critical infrastructure (CI) services are constantly consumed by the society and are not expected to fail. A common definition states that CIs are so vital to our society that a disruption would have a severe impact on both the society and the economy. CI sectors include, amongst others, electricity, telecommunication and transport. CIs can be mutually dependent on each others services and a failure in one of these elements can cascade to another (inter)dependent CI. CI security modelling was introduced in previous work to enable on-line risk monitoring in CIs that depend on each other by exchanging risk alerts expressed in terms of a breach of Confidentiality, a breach of Integrity and degrading Availability (C,I,A). While generally providing a solid basis for risk monitoring, there is no way of evaluating if a risk alert received from an external CI is accurate. In this paper the authors propose a solution to this problem by adding a trust based component to the CI security model in order to improve its accuracy and resilience to inconsistent or inaccurate risk alerts provided by (inter)dependent CIs, allowing to evaluate the correctness of the received alerts. The proposed approach is validated on a realistic scenario by evaluating a dependency between the computing and the telecommunication sectors in the context of the Grid'5000 platform.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.