TY - GEN
T1 - The right tool for the job
T2 - 3rd International Workshop on Graphical Models for Security, GraMSec 2016
AU - Dong, Xinshu
AU - Jauhar, Sumeet
AU - Temple, William G.
AU - Chen, Binbin
AU - Kalbarczyk, Zbigniew
AU - Sanders, William H.
AU - Tippenhauer, Nils Ole
AU - Nicol, David M.
N1 - Publisher Copyright:
© Springer International Publishing AG 2016.
PY - 2016
Y1 - 2016
N2 - Motivated by the practical importance of security assessment, researchers have developed numerous model-based methodologies. However, the diversity of different methodologies and tool designs makes it challenging to compare their respective strengths or integrate their results. To make it more conducive to incorporate them for practical assessment tasks, we believe it is critical to establish a common foundation of security assessment inputs to support different methodologies and tools. As the initial effort, this paper presents an open repository of Common Input Scenarios for Security Assessment (CISSA) for different model-based security assessment tools. By proposing a CISSA design framework and constructing six initial scenarios based on real-world incidents, we experimentally show how CISSA can provide new insights and concrete reference points to both security practitioners and tool developers. We have hosted CISSA on a publicly available website, and envision that community effort in building CISSA would significantly advance the scientific and practical values of model-based security assessment.
AB - Motivated by the practical importance of security assessment, researchers have developed numerous model-based methodologies. However, the diversity of different methodologies and tool designs makes it challenging to compare their respective strengths or integrate their results. To make it more conducive to incorporate them for practical assessment tasks, we believe it is critical to establish a common foundation of security assessment inputs to support different methodologies and tools. As the initial effort, this paper presents an open repository of Common Input Scenarios for Security Assessment (CISSA) for different model-based security assessment tools. By proposing a CISSA design framework and constructing six initial scenarios based on real-world incidents, we experimentally show how CISSA can provide new insights and concrete reference points to both security practitioners and tool developers. We have hosted CISSA on a publicly available website, and envision that community effort in building CISSA would significantly advance the scientific and practical values of model-based security assessment.
UR - http://www.scopus.com/inward/record.url?scp=84988472412&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84988472412&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-46263-9_3
DO - 10.1007/978-3-319-46263-9_3
M3 - Conference contribution
AN - SCOPUS:84988472412
SN - 9783319462622
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 39
EP - 61
BT - Graphical Models for Security - 3rd International Workshop, GraMSec 2016, Revised Selected Papers
A2 - Ekstedt, Mathias
A2 - Kordy, Barbara
A2 - Kim, Dong Seong
PB - Springer
Y2 - 27 June 2016 through 27 June 2016
ER -