On the Role of Primary and Secondary Assets in Adaptive Security: An Application in Smart Grids

peer-reviewedAdaptive security aims to protect valuable assets managed by a system, by applying a varying set of security controls. Engineering adaptive security is not an easy task. A set of effective security countermeasures should be identified. These countermeasures should not only be applied to (primary) assets that customers desire to protect, but also to other (secondary) assets that can be exploited by attackers to harm the primary assets. Another challenge arises when assets vary dynamically at runtime. To accommodate these variabilities, it is necessary to monitor changes in assets, and apply the most appropriate countermeasures at runtime. The paper provides three main contributions for engineering adaptive security. First, it proposes a modeling notation to represent primary and secondary assets, along with their variability. Second, it describes how to use the extended models in engineering security requirements and designing required monitoring functions. Third, the paper illustrates our approach through a set of adaptive security scenarios in the customer domain of a smart grid. We suggest that modeling secondary assets aids the deployment of countermeasures, and, in combination with a representation of assets variability, facilitates the design of monitoring function

General Terms

In this paper, we describe the prevention-focused and adaptive middleware mechanisms implemented as part of the Advanced Adaptive Applications (A3) Environment that we are developing as a near-application and application-focused cyber-defense technology under the DARPA Clean-slate design of Resilient, Adaptive, Secure Hosts (CRASH) program

Models, methods and information technologies of protection of corporate systems of transport based on intellectual identification of threats

In article results of researches on development of methods and models of intellectual recognition of threats to information systems of transport. The article to contain results of the researches, allowing to raise level of protection of the automated and intellectual information systems of the transportation enterprises (AISTE) in the conditions of an intensification of transportations.  The article to contain mathematical models and results of an estimation information systems having Internet connection through various communication channels. The article also considers the issues of research and protection of the AISTE under the condition of several conflict data request threads

Cyber Security Politics

This book examines new and challenging political aspects of cyber security and presents it as an issue defined by socio-technological uncertainty and political fragmentation. Structured along two broad themes and providing empirical examples for how socio-technical changes and political responses interact, the first part of the book looks at the current use of cyber space in conflictual settings, while the second focuses on political responses by state and non-state actors in an environment defined by uncertainties. Within this, it highlights four key debates that encapsulate the complexities and paradoxes of cyber security politics from a Western perspective – how much political influence states can achieve via cyber operations and what context factors condition the (limited) strategic utility of such operations; the role of emerging digital technologies and how the dynamics of the tech innovation process reinforce the fragmentation of the governance space; how states attempt to uphold stability in cyberspace and, more generally, in their strategic relations; and how the shared responsibility of state, economy, and society for cyber security continues to be re-negotiated in an increasingly trans-sectoral and transnational governance space. This book will be of much interest to students of cyber security, global governance, technology studies, and international relations

Game Theory for Security Investments in Cyber and Supply Chain Networks

In a constantly and intricately connected world that is going digital, cybersecurity is imperative to not just the success but also the survival of a business. The ubiquitous digital transformation is fueled by a convulsive growth of devices and data that are leading important innovations in the domain of cyber-physical systems. However, this growth has also enabled internal and external threats to skyrocket, depicting the inherent dichotomy. With an evolving threat landscape, a perpetrator has to be successful once, while the defenders have to continually succeed in fending-off attacks to protect critical infrastructure and digital assets. Businesses are facing a barrage of attacks, majority of which have a financial or an espionage motive. Against the hackers, businesses put forth an asymmetric and myopic struggle.Through this dissertation, I contribute to the modeling and analysis of security investments in cyber and supply chain networks considering network vulnerability also nonlinear budget constraints. The latter contributes significantly to the literature on variational inequality, game theory, and cybersecurity by being methodologically relevant to the application and solution of such problems. I also explore cooperation in terms of cybersecurity among firms in a network, providing a quantitative basis to information sharing to explore its financial and policy related benefits. This work extends the current literature in the cooperative game theory and cybersecurity domains

Mobile information systems' security, privacy, and environmental sustainability aspects

[no abstract

Cyber Security Politics

This book examines new and challenging political aspects of cyber security and presents it as an issue defined by socio-technological uncertainty and political fragmentation. Structured along two broad themes and providing empirical examples for how socio-technical changes and political responses interact, the first part of the book looks at the current use of cyber space in conflictual settings, while the second focuses on political responses by state and non-state actors in an environment defined by uncertainties. Within this, it highlights four key debates that encapsulate the complexities and paradoxes of cyber security politics from a Western perspective – how much political influence states can achieve via cyber operations and what context factors condition the (limited) strategic utility of such operations; the role of emerging digital technologies and how the dynamics of the tech innovation process reinforce the fragmentation of the governance space; how states attempt to uphold stability in cyberspace and, more generally, in their strategic relations; and how the shared responsibility of state, economy, and society for cyber security continues to be re-negotiated in an increasingly trans-sectoral and transnational governance space. This book will be of much interest to students of cyber security, global governance, technology studies, and international relations

Designing for cyber security risk-based decision making.

Techniques for determining and applying cyber security decisions typically follow risk- based analytical approaches where alternative options are put forward based on goals and context, and weighed in accordance to risk severity metrics. These decision making approaches are however difficult to apply in risk situations bounded by uncertainty as decision alternatives are either unknown or unclear. This problem is further compounded by the rarity of expert security decision makers and the far-reaching repercussions of un-informed decision making. The nature of operations in cyber security indicates that only a handful of systems are independent of the human operators, exposing the majority of organisations to risk from security threats and risks as a product of human decision making limitations. Addressing the problem requires considering factors contributing to risk and uncertainty during the early stages of system design, motivating the development of systems that are not only usable and secure, but that facilitate informed decision making as a central goal. The thesis investigates this by posing the question; what system design techniques should be taken into consideration to facilitate cyber security decision making during situations of risk and uncertainty? The research was approached qualitatively with interviews as the main data elicitation approach. Grounded Theory was applied to five security decision making studies to inductively elicit, model, and validate design requirements for Risk-based Decision Making in cyber security. Contributions arising from thesis work are: an identification of factors contributing to security analysts’ risk practices and understanding, a model for communicating and tracing risk rationalisation by cyber security decision makers, a conceptual model illustrating the various concepts in cyber security decision making and their relationship, and guidelines and suggested implementation techniques guiding the specification of requirements for systems deployed in cyber security Risk-based Decision Making. The thesis is validated by applying the proposed design guidelines to inform an approach used to design a charity’s secure data handling policy

Cyber Security of Critical Infrastructures

Critical infrastructures are vital assets for public safety, economic welfare, and the national security of countries. The vulnerabilities of critical infrastructures have increased with the widespread use of information technologies. As Critical National Infrastructures are becoming more vulnerable to cyber-attacks, their protection becomes a significant issue for organizations as well as nations. The risks to continued operations, from failing to upgrade aging infrastructure or not meeting mandated regulatory regimes, are considered highly significant, given the demonstrable impact of such circumstances. Due to the rapid increase of sophisticated cyber threats targeting critical infrastructures with significant destructive effects, the cybersecurity of critical infrastructures has become an agenda item for academics, practitioners, and policy makers. A holistic view which covers technical, policy, human, and behavioural aspects is essential to handle cyber security of critical infrastructures effectively. Moreover, the ability to attribute crimes to criminals is a vital element of avoiding impunity in cyberspace. In this book, both research and practical aspects of cyber security considerations in critical infrastructures are presented. Aligned with the interdisciplinary nature of cyber security, authors from academia, government, and industry have contributed 13 chapters. The issues that are discussed and analysed include cybersecurity training, maturity assessment frameworks, malware analysis techniques, ransomware attacks, security solutions for industrial control systems, and privacy preservation methods

Cyber Law and Espionage Law as Communicating Vessels

Professor Lubin\u27s contribution is Cyber Law and Espionage Law as Communicating Vessels, pp. 203-225. Existing legal literature would have us assume that espionage operations and “below-the-threshold” cyber operations are doctrinally distinct. Whereas one is subject to the scant, amorphous, and under-developed legal framework of espionage law, the other is subject to an emerging, ever-evolving body of legal rules, known cumulatively as cyber law. This dichotomy, however, is erroneous and misleading. In practice, espionage and cyber law function as communicating vessels, and so are better conceived as two elements of a complex system, Information Warfare (IW). This paper therefore first draws attention to the similarities between the practices – the fact that the actors, technologies, and targets are interchangeable, as are the knee-jerk legal reactions of the international community. In light of the convergence between peacetime Low-Intensity Cyber Operations (LICOs) and peacetime Espionage Operations (EOs) the two should be subjected to a single regulatory framework, one which recognizes the role intelligence plays in our public world order and which adopts a contextual and consequential method of inquiry. The paper proceeds in the following order: Part 2 provides a descriptive account of the unique symbiotic relationship between espionage and cyber law, and further explains the reasons for this dynamic. Part 3 places the discussion surrounding this relationship within the broader discourse on IW, making the claim that the convergence between EOs and LICOs, as described in Part 2, could further be explained by an even larger convergence across all the various elements of the informational environment. Parts 2 and 3 then serve as the backdrop for Part 4, which details the attempt of the drafters of the Tallinn Manual 2.0 to compartmentalize espionage law and cyber law, and the deficits of their approach. The paper concludes by proposing an alternative holistic understanding of espionage law, grounded in general principles of law, which is more practically transferable to the cyber realmhttps://www.repository.law.indiana.edu/facbooks/1220/thumbnail.jp