Model the System from Adversary Viewpoint: Threats Identification and Modeling

Security attacks are hard to understand, often expressed with unfriendly and limited details, making it difficult for security experts and for security analysts to create intelligible security specifications. For instance, to explain Why (attack objective), What (i.e., system assets, goals, etc.), and How (attack method), adversary achieved his attack goals. We introduce in this paper a security attack meta-model for our SysML-Sec framework, developed to improve the threat identification and modeling through the explicit representation of security concerns with knowledge representation techniques. Our proposed meta-model enables the specification of these concerns through ontological concepts which define the semantics of the security artifacts and introduced using SysML-Sec diagrams. This meta-model also enables representing the relationships that tie several such concepts together. This representation is then used for reasoning about the knowledge introduced by system designers as well as security experts through the graphical environment of the SysML-Sec framework.Comment: In Proceedings AIDP 2014, arXiv:1410.322

Semantics for incident identification and resolution reports

In order to achieve a safe and systematic treatment of security protocols, organizations release a number of technical briefings describing how to detect and manage security incidents. A critical issue is that this document set may suffer from semantic deficiencies, mainly due to ambiguity or different granularity levels of description and analysis. An approach to face this problem is the use of semantic methodologies in order to provide better Knowledge Externalization from incident protocols management. In this article, we propose a method based on semantic techniques for both, analyzing and specifying (meta)security requirements on protocols used for solving security incidents. This would allow specialist getting better documentation on their intangible knowledge about them.Ministerio de Economía y Competitividad TIN2013-41086-

K-bass: A Knowledge–Based Access Security System For Medical Environments

Enforcing security requires the application of an access control model. The access control models used today have limitations that become evident when applied in collaborative environments, such as medical environments. To overcome these problems, a system has been developed in order to introduce dynamic access security. The system at hand combines effectively (C-TMAC) Team-based access control using contexts model and knowledge base technology. The system’s security scheme fine-grains the users’ access rights by integrating the Role Based Access Controls (RBAC) model and the (C-TMAC) model through knowledge-based systems technology. The originality lies on the fact that the users in the system are authenticated by combining their individual access rights (RBAC), their team’s access rights (C-TMAC) and the context information associated with the team they belong to. Furthermore, knowledge-based technology is used for the representation of knowledge and reasoning. The system initiates with some facts and rules and is able to learn, infer knowledge and produce meta-knowledge. Therefore the system can train itself and respond in non-deterministic way to user requests. Any change in context information fires a new rule in the knowledge base. The proposed system is an automated and self-controlled system called (K-BASS) Knowledge-based Access Security System that may be used in medical environments, to dynamically assign permission rights and to add new medical staff and patients

Specifying and Verifying Meta-Security by Means of Semantic Web Methods

In order to achieve a systematic treatment of security protocols, organizations release a number of technical briefings for describing how security incidents have to be managed. These documents can suffer semantic deficiencies, mainly due to ambiguity or different granularity levels of description and analysis. Ontological Engineering (OE) is a powerful instrument that can be applied for both, cleaning methods and knowledge in incident protocols, and specifying (meta)security requirements on protocols for solving security incidents. We also show how the ontology built from security reports can be used as the knowledge core for semantic systems in order to work with resolution incidents in a safe way. The method has been illustrated with a case studyJunta de Andalucía TIC-606

A Semantic Approach to Secure Collaborative Inter-Organizational eBusiness Processes (SSCIOBP)

The information supply chain (ISC) involves the exchange, organization, selection, and synthesis of relevant knowledge and information about production, purchase planning, demand forecasting, and inventory among collaborating business partners in a value chain. Information and knowledge sharing in an ISC occurs in a business process context. Seamless knowledge exchange within and across organizations involved in secure business processes is critically needed to secure and cultivate the information supply chain. Extant literature does not explicitly consider or systematically represent component knowledge, process knowledge and security knowledge for business processes within and across organizations. As a result, organizations engaged in collaborative inter-organizational processes continue to be plagued with issues such as semantic conflict issues, lack of integration of heterogeneous systems, and lack of security knowledge regarding authorized access to resources. Without appropriate security controls, manual interventions lead to unauthorized access to resources. These problems motivate our Semantic Approach to Secure Collaborative Inter-Organizational eBusiness Processes (SSCIOBP). We follow a design science paradigm to identify meta-requirements of SSCIOBP and develop the design artifact. SSCIOBP is evaluated using observational and descriptive evaluation methods following Hevner et al. (2004). We apply our approach to show how the Collaborative Planning Forecasting and Replenishment (CPFR) industry standard models can be enhanced using the proposed design artifact. We apply SSCIOBP to a case study to illustrate its applicability in mapping core business processes of organizations to solve semantic inter-operability issues and systematically incorporate component, process and security knowledge in the design of secure business processes across the information supply chain

Integrating Knowledge Modelling in Business Process Management

In this paper we present a new approach for integrating Business Process Management and Knowledge Management. We focus on the modelling of weakly-structured knowledge-intensive business processes. We develop a framework for modelling this type of processes that explicitly considers knowledge-related tasks and knowledge objects and present a workflow tool that is an implementation of our theoretical meta-model. As an example, we sketch one case study, the process for granting full old age pension as it is performed in the Greek Social Security Institution. Finally we briefly describe some related approaches and compare them to our work and draw the main conclusions and further research directions

Proof Theory, Transformations, and Logic Programming for Debugging Security Protocols

We define a sequent calculus to formally specify, simulate, debug and verify security protocols. In our sequents we distinguish between the current knowledge of principals and the current global state of the session. Hereby, we can describe the operational semantics of principals and of an intruder in a simple and modular way. Furthermore, using proof theoretic tools like the analysis of permutability of rules, we are able to find efficient proof strategies that we prove complete for special classes of security protocols including Needham-Schroeder. Based on the results of this preliminary analysis, we have implemented a Prolog meta-interpreter which allows for rapid prototyping and for checking safety properties of security protocols, and we have applied it for finding error traces and proving correctness of practical examples

A socio-cognitive and computational model for decision making and user modelling in social phishing

Systems software quality, and system security in particular, is often compromised by phishing attacks. The latter were relatively easy to detect through phishing content filters, in the past. However, it has been increasingly difficult to stop more recent and sophisticated social phishing attacks. To protect the citizens from new types of phishing attacks, software quality engineers need to provide equally sophisticating preventive technology that models people’s reactions. The authors considered the behaviour of people on the Internet from a socio-cognitive perspective and deduced who could be more prone to be spoofed by social phishing techniques. The authors herein propose a computational and interdisciplinary metamodelling methodology, which can assist in capturing and understanding people’s interactive behaviour when they are online. Online behaviour can reveal Internet users’ knowledge, information, and beliefs in a given social context; these could also constitute significant factors for trust in social phishing circumstances which, in turn, can provide valuable insights and decision making meta-knowledge for recognition of potential victims of phishers. The proposed modelling approach is illustrated and explained using real-life phishing cases. This meta-model can i) help social computing and phishing researchers to understand users’ trust decisions from a socio-cognitive perspective, and ii) open ways to integrate artificial intelligence design techniques within software quality management practices in order to protect citizens from being spoofed by social phishing attacks. Thus, this software design quality approach will increase system security as a proactive maintenance strategy

The conundrum of conservation agriculture and livelihoods in Southern Africa

Low crop productivity, food insecurity, hunger and malnutrition; inadequate farming knowledge and skills, implements and inputs are characteristic of smallholder agriculture in Southern Africa. Many researchers argue that conservation agriculture can guarantee higher crop productivity, food security, improved livelihoods and environmental protection, better than the unsustainable traditional systems of slash and burn practices. In this paper, we present the results of a meta-analysis of over 40 academic publications to review conservation agriculture’s role in influencing desired livelihood outcomes in Southern Africa. We conclude that the effectiveness of conservation agriculture towards better livelihood outcomes in Southern Africa remains debatable, especially when supportive government policies are lacking