Go with the flow: Toward workflow-oriented security assessment

Binbin Chen, Zbigniew Kalbarczyk, David M. Nicol, William H. Sanders, Rui Tan, William G. Temple, Nils Ole Tippenhauer, An Hoa Vu, David K.Y. Yau

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this paper we advocate the use of workow|describing how a system provides its intended functionality|as a pillar of cybersecurity analysis and propose a holistic workflow- oriented assessment framework. While workflow models are currently used in the area of performance and reliability assessment, these approaches are designed neither to assess a system in the presence of an active attacker, nor to assess security aspects such as confidentiality. On the other hand, existing security assessment methods typically focus on modeling the active attacker (e.g., attack graphs), but many rely on restrictive models that are not readily applicable to complex (e.g., cyber-physical or cyber-human) systems. By "going with the flow," our assessment framework can naturally adopt a holistic view of such systems, unifying information about system components, their properties, and possible attacks to argue about a security goal. The argument is expressed in a graph structure, based on inputs from several distinct classes that are integrated in a systematic manner. That rigorous structure allows our approach to provide quantitative assessment in an automated fashion (like reliability assessment tools and attack graphs), while maintaining a broad assessment scope. We demonstrate our security assessment process using the case of Advanced Metering Infrastructure in a smart power grid and obtain quantitative results for system availability and confidentiality

Original languageEnglish (US)
Title of host publicationNSPW 2013 - Proceedings of the 2013 New Security Paradigms Workshop
Pages65-76
Number of pages12
DOIs
StatePublished - Dec 1 2013
Event2013 New Security Paradigms Workshop, NSPW 2013 - Banff, AB, Canada
Duration: Sep 9 2013Sep 12 2013

Publication series

NameACM International Conference Proceeding Series

Other

Other2013 New Security Paradigms Workshop, NSPW 2013
CountryCanada
CityBanff, AB
Period9/9/139/12/13

Fingerprint

Smart power grids
Advanced metering infrastructures
Information systems
Availability

Keywords

  • Argument graph
  • Complex systems
  • Security assessment
  • Security model
  • Workflow

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications

Cite this

Chen, B., Kalbarczyk, Z., Nicol, D. M., Sanders, W. H., Tan, R., Temple, W. G., ... Yau, D. K. Y. (2013). Go with the flow: Toward workflow-oriented security assessment. In NSPW 2013 - Proceedings of the 2013 New Security Paradigms Workshop (pp. 65-76). (ACM International Conference Proceeding Series). https://doi.org/10.1145/2535813.2535821

Go with the flow : Toward workflow-oriented security assessment. / Chen, Binbin; Kalbarczyk, Zbigniew; Nicol, David M.; Sanders, William H.; Tan, Rui; Temple, William G.; Tippenhauer, Nils Ole; Vu, An Hoa; Yau, David K.Y.

NSPW 2013 - Proceedings of the 2013 New Security Paradigms Workshop. 2013. p. 65-76 (ACM International Conference Proceeding Series).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Chen, B, Kalbarczyk, Z, Nicol, DM, Sanders, WH, Tan, R, Temple, WG, Tippenhauer, NO, Vu, AH & Yau, DKY 2013, Go with the flow: Toward workflow-oriented security assessment. in NSPW 2013 - Proceedings of the 2013 New Security Paradigms Workshop. ACM International Conference Proceeding Series, pp. 65-76, 2013 New Security Paradigms Workshop, NSPW 2013, Banff, AB, Canada, 9/9/13. https://doi.org/10.1145/2535813.2535821
Chen B, Kalbarczyk Z, Nicol DM, Sanders WH, Tan R, Temple WG et al. Go with the flow: Toward workflow-oriented security assessment. In NSPW 2013 - Proceedings of the 2013 New Security Paradigms Workshop. 2013. p. 65-76. (ACM International Conference Proceeding Series). https://doi.org/10.1145/2535813.2535821
Chen, Binbin ; Kalbarczyk, Zbigniew ; Nicol, David M. ; Sanders, William H. ; Tan, Rui ; Temple, William G. ; Tippenhauer, Nils Ole ; Vu, An Hoa ; Yau, David K.Y. / Go with the flow : Toward workflow-oriented security assessment. NSPW 2013 - Proceedings of the 2013 New Security Paradigms Workshop. 2013. pp. 65-76 (ACM International Conference Proceeding Series).
@inproceedings{28a0986e9aa44a47aeaed422c40d82ab,
title = "Go with the flow: Toward workflow-oriented security assessment",
abstract = "In this paper we advocate the use of workow|describing how a system provides its intended functionality|as a pillar of cybersecurity analysis and propose a holistic workflow- oriented assessment framework. While workflow models are currently used in the area of performance and reliability assessment, these approaches are designed neither to assess a system in the presence of an active attacker, nor to assess security aspects such as confidentiality. On the other hand, existing security assessment methods typically focus on modeling the active attacker (e.g., attack graphs), but many rely on restrictive models that are not readily applicable to complex (e.g., cyber-physical or cyber-human) systems. By {"}going with the flow,{"} our assessment framework can naturally adopt a holistic view of such systems, unifying information about system components, their properties, and possible attacks to argue about a security goal. The argument is expressed in a graph structure, based on inputs from several distinct classes that are integrated in a systematic manner. That rigorous structure allows our approach to provide quantitative assessment in an automated fashion (like reliability assessment tools and attack graphs), while maintaining a broad assessment scope. We demonstrate our security assessment process using the case of Advanced Metering Infrastructure in a smart power grid and obtain quantitative results for system availability and confidentiality",
keywords = "Argument graph, Complex systems, Security assessment, Security model, Workflow",
author = "Binbin Chen and Zbigniew Kalbarczyk and Nicol, {David M.} and Sanders, {William H.} and Rui Tan and Temple, {William G.} and Tippenhauer, {Nils Ole} and Vu, {An Hoa} and Yau, {David K.Y.}",
year = "2013",
month = "12",
day = "1",
doi = "10.1145/2535813.2535821",
language = "English (US)",
isbn = "9781450325820",
series = "ACM International Conference Proceeding Series",
pages = "65--76",
booktitle = "NSPW 2013 - Proceedings of the 2013 New Security Paradigms Workshop",

}

TY - GEN

T1 - Go with the flow

T2 - Toward workflow-oriented security assessment

AU - Chen, Binbin

AU - Kalbarczyk, Zbigniew

AU - Nicol, David M.

AU - Sanders, William H.

AU - Tan, Rui

AU - Temple, William G.

AU - Tippenhauer, Nils Ole

AU - Vu, An Hoa

AU - Yau, David K.Y.

PY - 2013/12/1

Y1 - 2013/12/1

N2 - In this paper we advocate the use of workow|describing how a system provides its intended functionality|as a pillar of cybersecurity analysis and propose a holistic workflow- oriented assessment framework. While workflow models are currently used in the area of performance and reliability assessment, these approaches are designed neither to assess a system in the presence of an active attacker, nor to assess security aspects such as confidentiality. On the other hand, existing security assessment methods typically focus on modeling the active attacker (e.g., attack graphs), but many rely on restrictive models that are not readily applicable to complex (e.g., cyber-physical or cyber-human) systems. By "going with the flow," our assessment framework can naturally adopt a holistic view of such systems, unifying information about system components, their properties, and possible attacks to argue about a security goal. The argument is expressed in a graph structure, based on inputs from several distinct classes that are integrated in a systematic manner. That rigorous structure allows our approach to provide quantitative assessment in an automated fashion (like reliability assessment tools and attack graphs), while maintaining a broad assessment scope. We demonstrate our security assessment process using the case of Advanced Metering Infrastructure in a smart power grid and obtain quantitative results for system availability and confidentiality

AB - In this paper we advocate the use of workow|describing how a system provides its intended functionality|as a pillar of cybersecurity analysis and propose a holistic workflow- oriented assessment framework. While workflow models are currently used in the area of performance and reliability assessment, these approaches are designed neither to assess a system in the presence of an active attacker, nor to assess security aspects such as confidentiality. On the other hand, existing security assessment methods typically focus on modeling the active attacker (e.g., attack graphs), but many rely on restrictive models that are not readily applicable to complex (e.g., cyber-physical or cyber-human) systems. By "going with the flow," our assessment framework can naturally adopt a holistic view of such systems, unifying information about system components, their properties, and possible attacks to argue about a security goal. The argument is expressed in a graph structure, based on inputs from several distinct classes that are integrated in a systematic manner. That rigorous structure allows our approach to provide quantitative assessment in an automated fashion (like reliability assessment tools and attack graphs), while maintaining a broad assessment scope. We demonstrate our security assessment process using the case of Advanced Metering Infrastructure in a smart power grid and obtain quantitative results for system availability and confidentiality

KW - Argument graph

KW - Complex systems

KW - Security assessment

KW - Security model

KW - Workflow

UR - http://www.scopus.com/inward/record.url?scp=84893034417&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84893034417&partnerID=8YFLogxK

U2 - 10.1145/2535813.2535821

DO - 10.1145/2535813.2535821

M3 - Conference contribution

AN - SCOPUS:84893034417

SN - 9781450325820

T3 - ACM International Conference Proceeding Series

SP - 65

EP - 76

BT - NSPW 2013 - Proceedings of the 2013 New Security Paradigms Workshop

ER -