loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Jean-Louis Huynen and Gabriele Lenzini

Affiliation: University of Luxembourg, Luxembourg

Keyword(s): Socio-technical Security, Information Security Management and Reasoning, Root Cause Analysis.

Abstract: Inspired by the root cause analysis procedures common in safety, we propose a methodology for a prospective and a retrospective analysis of security and a tool that implements it. When applied prospectively, the methodology guides analysts to assess socio-technical vulnerabilities in a system, helping them to evaluate their choices in designing security policies and controls. But the methodology works also retrospectively. It assists analysts in retrieving the causes of an observed socio-technical attack, guiding them to understand where the information security management of the system has failed. The methodology is tuned to find causes that root in the human-related factors that an attacher can exploit to execute its intrusion.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.81.79.135

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Huynen, J. and Lenzini, G. (2017). From Situation Awareness to Action: An Information Security Management Toolkit for Socio-technical Security Retrospective and Prospective Analysis. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-209-7; ISSN 2184-4356, SciTePress, pages 213-224. DOI: 10.5220/0006211302130224

@conference{icissp17,
author={Jean{-}Louis Huynen. and Gabriele Lenzini.},
title={From Situation Awareness to Action: An Information Security Management Toolkit for Socio-technical Security Retrospective and Prospective Analysis},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP},
year={2017},
pages={213-224},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006211302130224},
isbn={978-989-758-209-7},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP
TI - From Situation Awareness to Action: An Information Security Management Toolkit for Socio-technical Security Retrospective and Prospective Analysis
SN - 978-989-758-209-7
IS - 2184-4356
AU - Huynen, J.
AU - Lenzini, G.
PY - 2017
SP - 213
EP - 224
DO - 10.5220/0006211302130224
PB - SciTePress