122 research outputs found
Tools and techniques for analysing the impact of information security
PhD ThesisThe discipline of information security is employed by organisations to protect the confidentiality,
integrity and availability of information, often communicated in the form of
information security policies. A policy expresses rules, constraints and procedures to guard
against adversarial threats and reduce risk by instigating desired and secure behaviour of
those people interacting with information legitimately. To keep aligned with a dynamic threat
landscape, evolving business requirements, regulation updates, and new technologies a policy
must undergo periodic review and change. Chief Information Security Officers (CISOs) are
the main decision makers on information security policies within an organisation. Making
informed policy modifications involves analysing and therefore predicting the impact of those
changes on the success rate of business processes often expressed as workflows. Security
brings an added burden to completing a workflow. Adding a new security constraint may
reduce success rate or even eliminate it if a workflow is always forced to terminate early. This
can increase the chances of employees bypassing or violating a security policy. Removing an
existing security constraint may increase success rate but may may also increase the risk to
security. A lack of suitably aimed impact analysis tools and methodologies for CISOs means
impact analysis is currently a somewhat manual and ambiguous procedure. Analysis can
be overwhelming, time consuming, error prone, and yield unclear results, especially when
workflows are complex, have a large workforce, and diverse security requirements. This
thesis considers the provision of tools and more formal techniques specific to CISOs to help
them analyse the impact modifying a security policy has on the success rate of a workflow.
More precisely, these tools and techniques have been designed to efficiently compare the
impact between two versions of a security policy applied to the same workflow, one before,
the other after a policy modification.
This work focuses on two specific types of security impact analysis. The first is quantitative
in nature, providing a measure of success rate for a security constrained workflow
which must be executed by employees who may be absent at runtime. This work considers
quantifying workflow resiliency which indicates a workflow’s expected success rate assuming
the availability of employees to be probabilistic. New aspects of quantitative resiliency are introduced in the form of workflow metrics, and risk management techniques to manage
workflows that must work with a resiliency below acceptable levels. Defining these risk
management techniques has led to exploring the reduction of resiliency computation time and
analysing resiliency in workflows with choice. The second area of focus is more qualitative,
in terms of facilitating analysis of how people are likely to behave in response to security
and how that behaviour can impact the success rate of a workflow at a task level. Large
amounts of information from disparate sources exists on human behavioural factors in a
security setting which can be aligned with security standards and structured within a single
ontology to form a knowledge base. Consultations with two CISOs have been conducted,
whose responses have driven the implementation of two new tools, one graphical, the other
Web-oriented allowing CISOs and human factors experts to record and incorporate their
knowledge directly within an ontology. The ontology can be used by CISOs to assess the
potential impact of changes made to a security policy and help devise behavioural controls
to manage that impact. The two consulted CISOs have also carried out an evaluation of the
Web-oriented tool.
vii
Analyzing Robustness of UML State Machines
UML State Machines constitute an integral part of software behavior specification within the Unified Modeling Language (UML). The development of realistic software applications often results in complex and distributed models. Hence, potential errors can be very subtle and hard to locate for the developer. In this paper, we present a set of robustness rules that seek to avoid common types of errors by ruling out certain modelling constructs. Furthermore, adherence to these rules can improve model readability and maintainability. The robustness rules constitute a general Statechart style guide for different dialects, such as UML State Machines, Statemate, and Esterel Studio. Based on this style guide, an automated checking framework has been implemented as a plug-in for the prototypical Statechart modeling tool KIEL. Simple structural checks can be formulated in a compact, abstract manner in the Object Constraint Language (OCL). The framework can also incorporate checks that go beyond the expressiveness of OCL by implementing them in Java directly, which can also serve as a gateway to formal verification tools; we have exploited this to incorporate a theorem prover for more advanced checks. As a case study, we adopted the UML well-formedness rules; this confirmed that individual rules can easily be incorporated into the framework
Temporal reasoning in a logic programming language with modularity
Actualmente os Sistemas de Informação Organizacionais (SIO) lidam cada vez mais com informação que tem dependências temporais. Neste trabalho concebemos um ambiente de trabalho para construir e manter SIO Temporais. Este ambiente assenta sobre um linguagem lógica denominada Temporal Contextua) Logic Programming que integra modularidade com raciocÃnio temporal fazendo com que a utilização de um módulo dependa do tempo do contexto. Esta linguagem é a evolução de uma outra, também introduzida nesta tese, que combina Contextua) Logic Programming com Temporal Annotated Constraint Logic Programming, na qual a modularidade e o tempo são caracterÃsticas ortogonais. Ambas as linguagens são formalmente discutidas e exemplificadas.
As principais contribuições do trabalho descrito nesta tese incluem:
• Optimização de Contextua) Logic Programming (CxLP) através de interpretação abstracta.
• Sintaxe e semântica operacional para uma linguagem que combina de um modo independente as linguagens Temporal Annotated Constraint Logic Programming (TACLP) e CxLP. É apresentado um compilador para esta linguagem.
• Linguagem (sintaxe e semântica) que integra de um modo inovador modularidade (CxLP) com raciocÃnio temporal (TACLP). Nesta linguagem a utilização de um dado módulo está dependente do tempo do contexto. É descrito um interpretador e um compilador para esta linguagem.
• Ambiente de trabalho para construir e fazer a manutenção de SIO Temporais. Assenta sobre uma especificação revista da linguagem ISCO, adicionando classes e manipulação de dados temporais. É fornecido um compilador em que a linguagem resultante é a descrita no item anterior. ABSTRACT- Current Organisational Information Systems (OIS) deal with more and more Infor-mation that, is time dependent. In this work we provide a framework to construct and maintain Temporal OIS. This framework builds upon a logical language called Temporal Contextual. Logic Programming that deeply integrates modularity with tem-poral reasoning making the usage of a module time dependent. This language is an evolution of another one, also introduced in this thesis, that combines Contextual Logic Programming with Temporal Annotated Constraint Logic Programming where modularity and time are orthogonal features. Both languages are formally discussed and illustrated.
The main contributions of the work described in this thesis include:
• Optimisation of Contextual Logic Programming (CxLP) through abstract interpretation.
• Syntax and operational semantics for an independent combination of the temporal framework Temporal Annotated Constraint Logic Programming (TACLP) and CxLP. A compiler for this language is also provided.
• Language (syntax and semantics) that integrates in a innovative way modularity
(CxLP) with temporal reasoning (TACLP). In this language the usage of a given
module depends of the time of the context. An interpreter and a compiler for
this language are described.
• Framework to construct and maintain Temporal Organisational Information Systems. It builds upon a revised specification of the language ISCO, adding temporal classes and temporal data manipulation. A compiler targeting the language presented in the previous item is also given
Proceedings of the 21st Conference on Formal Methods in Computer-Aided Design – FMCAD 2021
The Conference on Formal Methods in Computer-Aided Design (FMCAD) is an annual conference on the theory and applications of formal methods in hardware and system verification. FMCAD provides a leading forum to researchers in academia and industry for presenting and discussing groundbreaking methods, technologies, theoretical results, and tools for reasoning formally about computing systems. FMCAD covers formal aspects of computer-aided system design including verification, specification, synthesis, and testing
- …