Trust and Reputation for Critical Infrastructure Protection

Tese de doutoramento em Engenharia Informática, apresentada ao Departamento de Engenharia Informática da Faculdade de Ciências e Tecnologia da Universidade de CoimbraAtualmente a sociedade contemporânea tem ao seu dispor um sem numero de serviços que suportam toda a economia globalizada em que vivemos bem como o nosso modo de vida. Serviços como distribuição de energia, água, gás, redes de transportes, telecomunicações, a Internet, entre outros, são atualmente parte integrante da vida dos cidadãos e das empresas. Estes serviços estão de tal forma presentes nas nossas vidas que a sua relevância e o grau de dependência aos serviços, apenas é sentido aquando da sua indisponibilidade. Este tipo de serviço dos quais depende o nosso modo de vida, são fornecidos por infraestruturas críticas, assim referidas pois a sua falha ou quebra da qualidade do serviço prestado pode ter um grande impacto na sociedade ou economia de um País. Para além dos fenómenos da natureza e dos riscos inerentes à sua própria exploração, os riscos que estas infraestruturas correm têm vindo a aumentar ao atrair cada vez mais o interesse de grupos de hackers e terroristas, principalmente pela forte visibilidade e consequências que mesmo um pequeno ataque pode acarretar. De entre os problemas inerentes ao funcionamento das infraestruturas críticas destaca-se o fato da existência de dependências ou interdependências entre infraestruturas. Veja-se o exemplo do serviço de telecomunicações que está por natureza dependente do fornecimento de energia elétrica ou dos serviços bancários que estão dependentes de ambos. Mas não está atualmente o fornecimento de energia dependente dos serviços de telecomunicações e dos seus sistemas de informação? Destes exemplos torna-se visível que, para além da (inter)dependência que possa existir, é necessário analisar também os efeitos em cascata que podem surgir após a falha de uma infraestrutura. Com o objetivo de promover a segurança em infraestruturas críticas, vários governos, em conjunto com a comunidade científica, promovem esforços de investigação nesta área. Em particular, nas áreas da distribuição de energia e das telecomunicações. Ao nível da União Europeia, existe grande determinação para promover projetos nesta área, em particular, projetos que promovem a troca de informação entre infraestruturas, na forma de alertas de risco, prevenindo os Operadores das infraestruturas relativamente a um aumento de risco de perda ou quebra de qualidade do serviço fornecido. Esta troca permite que as infraestruturas possam aplicar atempadamente os seus planos de contingência ou recuperação, minimizando eventuais quebras de serviço e consequentemente reduzindo o indesejado efeito de falha em cascata. A motivação para o trabalho apresentado nesta tese, surgiu da identificação dos principais aspectos em aberto relativos à troca e gestão de alertas de risco entre infraestruturas críticas. Muitas das abordagens existentes relativas à segurança em infraestruturas críticas focam-se na obtenção de níveis de risco através do uso de modelos mais ou menos complexos das infraestruturas. Apesar de estes modelos permitirem uma base sólida para a monitorização do risco, não apresentam mecanismos para a sua troca, gestão e avaliação de qualidade. Este trabalho aborda o problema relacionado com a confiança, reputação e gestão de alertas de risco no seio das infraestruturas críticas. Nesse sentido é proposta a introdução de mecanismos que permitam gerir e aferir em cada instante, o grau de confiança atribuído a cada um dos alertas de risco recebidos ou calculados internamente, permitindo melhorar a sua precisão e consequentemente melhorar também a resiliência da infraestrutura critica quando confrontada com alertas de riscos imprecisos ou inconsistentes. Na tese é abordado o problema da segurança em infraestruturas críticas interdependentes e identificados os principais problemas inerentes à troca de informação de risco, em particular, a forma de efetuar a partilha de informação de uma forma segura, a gestão dessa mesma partilha e a avaliação da fiabilidade da informação envolvida na partilha. Propõe-se nesta tese, a aplicação de mecanismos de gestão baseados no paradigma de gestão por politicas para a gestão da partilha de alertas de risco entre infraestruturas críticas. Com o objetivo de melhorar a gestão da partilha e posterior interpretação dos alertas de risco, é proposta a introdução da análise de confiança e reputação na avaliação da fiabilidade da informação envolvida na partilha e na avaliação do comportamento das entidades envolvidas. As propostas apresentadas nesta tese são discutidas e aplicadas no âmbito do projeto Europeu MICIE (Tool for systemic risk analysis and secure mediation of data exchanged across linked CI information infrastructures), em particular, no que se refere à solução proposta para a gestão da partilha de alertas de risco, que em conjunto com os indicadores de confiança e reputação propostos, permitem melhorar a proteção de cada infraestrutura relativamente ao uso de informação menos confiável ou inconsistente. Apresenta-se também a adaptação dos conceitos propostos ao CI Security Model, um modelo de análise de risco em tempo real, no qual as falhas identificadas são atenuadas com a introdução da análise de confiança e reputação proposta nesta tese. Os resultados da avaliação das propostas apresentadas são discutidos com base em cenários de simulação bem como através de dados reais de uma infraestrutura crítica. Os resultados obtidos indicam que as propostas apresentadas satisfazem os objectivos definidos, nomeadamente, ao contribuir para o aumento da confiança que uma infraestrutura crítica tem relativamente à informação recebida em tempo real acerca dos serviços dos quais depende, ao permitir uma melhor gestão dessa mesma informação e também ao contribuir para o aumento da fiabilidade dos resultados provenientes dos modelos de risco em uso na infraestrutura.Currently, our society has at its disposal an uncountable number of services able to support the global economy and also our current way of life. Services such as power distribution, water, gas, transport networks, telecommunications, the Internet, among others, are now an integral part of the citizens' lives and businesses. These services play such a big role in our lives that their importance is only appreciated when they are unavailable. These types of services, that our lives so heavily depend on, are provided by Critical Infrastructures. They are referred to as ``Critical" due to the fact that in case of failure or breakdown in providing quality of service, the impact on society and the economy of a country can be enormous. Beyond the phenomena of nature and risks inherent to the infrastructure operation, the risks faced by these infrastructures have continuously increasing, by attracting interest from groups of hackers and terrorist groups. Primarily due to the strong visibility and consequences that may result even from a small successful attack. Among the problems inherent to the operation of Critical Infrastructures, it is possible to emphasise the existence of dependencies and interdependencies among infrastructures. For example, a telecommunications service is inherently dependent on the electricity supply or, for instance, banking services are dependent on both telecommunications and energy supply services. However, is it not the service that provides power supply actually dependent on telecommunications services and also on information systems? Based on these examples it becomes apparent that in addition to the (inter)dependence that may exist, it is also necessary to examine the cascading effects that may arise after the failure of a Critical Infrastructure. Critical Infrastructures security has been the subject of discussion by numerous governments with the support of the academia by promoting research efforts in these areas, in particular in areas such as power distribution and telecommunications. Furthermore, within the European Union, there is determination to promote projects in these areas, in particular the promotion of projects that foster the exchange of information, in the form of warnings, among infrastructures. These warnings allow the Critical Infrastructure to be informed and aware of the increasing risk of loss or reduction in quality of the service received. This exchange allows the infrastructure to timely implement their contingency and recovery plans to minimise any service breaks and consequently minimise the unwanted effect of a cascading failure. The motivation for the work presented in this thesis arose from the identification of the main open issues relating to the exchange and management of risk warnings among Critical Infrastructures. Many of the existing approaches to security in Critical Infrastructures are focused on obtaining risk levels through the use of models based on the infrastructure. Although these models allow a solid foundation for risk monitoring, they do not have mechanisms for exchange, management and assessment of its quality. This work addresses the problem related to trust, reputation and risk alerts management within Critical Infrastructures. Accordingly, it is proposed to introduce mechanisms to manage and measure at each instant, the degree of confidence assigned to each of the alerts received or computed internally. Allowing improvement of their accuracy and consequently improving the resilience of Critical Infrastructures when faced with inaccurate or inconsistent risk alerts. This thesis addresses the problem of interdependent Critical Infrastructure security and identifies the main problems related to risk information sharing. In particular, how to allow information sharing in a secure manner, the management of that sharing and how to assess the reliability of such information. This thesis proposes the application of Policy Based Management mechanisms for the management of the risk alert information shared among Critical Infrastructures. In order to improve the information sharing management and the further interpretation of the risk alerts, it is proposed to evaluate Trust and Reputation in order to assess the shared information and also to consider the behaviour of the entities involved. The proposals presented in this thesis are discussed and applied in the context of the European Project MICIE ({Tool for systemic risk analysis and secure mediation of data exchanged across linked CI information infrastructures). In particular with regard to the proposed solution for the management of shared risk alerts, which uses the Policy Based Management paradigm. By incorporating the proposed Trust and Reputation indicators it allows to improve the Critical Infrastructure protection considering the use of untrustworthy or inconsistent information. It is also proposed the adaptation of the presented concepts to the CI Security Model, a model for real time risk analysis evaluation, in which the identified shortcomings are addressed with the integration of the Trust and Reputation approach proposed in this thesis. The results of the proposals evaluation are discussed based on simulation scenarios as well as through real data of a Critical Infrastructure. The achieved results indicate that the proposed mechanisms meet the objectives such as, by contributing to the increase in confidence that a Critical Infrastructure has on the information received about the services on which it depends. To allow improvement in management of such information as well as contribution to increased reliability of results obtained from the risk models applied to the infrastructure.FCT - (SFRH BD/35772/2007

Data ethics : building trust : how digital technologies can serve humanity

Data is the magic word of the 21st century. As oil in the 20th century and electricity in the 19th century: For citizens, data means support in daily life in almost all activities, from watch to laptop, from kitchen to car, from mobile phone to politics. For business and politics, data means power, dominance, winning the race. Data can be used for good and bad, for services and hacking, for medicine and arms race. How can we build trust in this complex and ambiguous data world? How can digital technologies serve humanity? The 45 articles in this book represent a broad range of ethical reflections and recommendations in eight sections: a) Values, Trust and Law, b) AI, Robots and Humans, c) Health and Neuroscience, d) Religions for Digital Justice, e) Farming, Business, Finance, f) Security, War, Peace, g) Data Governance, Geopolitics, h) Media, Education, Communication. The authors and institutions come from all continents. The book serves as reading material for teachers, students, policy makers, politicians, business, hospitals, NGOs and religious organisations alike. It is an invitation for dialogue, debate and building trust! The book is a continuation of the volume “Cyber Ethics 4.0” published in 2018 by the same editors

Adapting information operations to a changing world: Future options for the United States government

In 1998, the Department of Defense in the United States released the first of a series of seminal policies on Information Operations (IO). Entitled Joint Publication 3-13, this instruction laid out for the first time, in an unclassified format, how the American military forces could utilise this particular element of power. As a relative newly defined activity, this publication proposed to revolutionise the manner in which warfare, diplomacy, business and a number of other areas are conducted. However, this radical transformation in the United States government with regard to IQ has not occurred over the last decade and a significant gap exists in the capability of the federal bureaucracy to support operations in this arena. While strategic policy and doctrine have been developed and promulgated, in most cases only by the Department of Defense, the actual conduct of IO activities and campaigns across the United States, are normally performed at a much more tactical level. This delta between theory and reality exists because the interagency organisations are often unwilling or unable to make the transformational changes that are needed to best utilise information as an element of power. In this research, the author has developed definitions and models that articulate not only why this delta exists, but also specific strategies for utilising IO in a manner by the United States federal organisations that best optimises the inherent capabilities of this element of power. Specific recommendations are noted below, and will be laid out in greater detail throughout the paper : Develop an Academic Theoretical Construct for IO; Understand that Different Approaches and Processes are Needed to Support IO; Establish an International IO Standards Effort & Meeting the IO Training Needs

How Utilizing an Online Holistic Social Media Group Impacts Symptoms and Quality of Life in Individuals with Anxiety

The continuum between health and illness is a dynamic state influenced by stress. People are complex beings designed with interrelated parts composing a unique whole. Stress\u27s disruption in the homeostatic balance can result in disease states in the body, mind, soul, and relationships. Panic disorder is one of these manifestations. This disorder causes physical and cognitive symptoms which impair quality of life. Although evidence-based treatments exist for panic disorder, barriers are evident for effective dissemination. This phenomenological study explored the experience of six individuals with anxiety disorder in a 30-day holistic, online social media group. Throughout the study, interviews and surveys will be conducted to assess symptom reduction and increased quality of life indicators. The group was conducted according to a BPSS model. Activities were derived from a mindfulness foundation and included exercise (walking), journaling (writing), spiritual mindfulness (worshipping) and relationship (witnessing) in online support of a group setting. It was expected that utilizing a holistic, online social media group would decrease anxiety disorder symptoms and increase the quality of life in these individuals

Medical Identity Theft and Palm Vein Authentication: The Healthcare Manager\u27s Perspective

The Federal Bureau of Investigation reported that cyber actors will likely increase cyber intrusions against healthcare systems and their concomitant medical devices because of the mandatory transition from paper to electronic health records, lax cyber security standards, and a higher financial payout for medical records in the deep web. The problem addressed in this quantitative correlational study was uncertainty surrounding the benefits of palm vein authentication adoption relative to the growing crime of medical identity theft. The purpose of this quantitative correlational study was to understand healthcare managers\u27 and doctors\u27 perceptions of the effectiveness of palm vein authentication technology. The research questions were designed to investigate the relationship between intention to adopt palm vein authentication technology and perceived usefulness, complexity, security, peer influence, and relative advantage. The unified theory of acceptance and use of technology was the theoretical basis for this quantitative study. Data were gathered through an anonymous online survey of 109 healthcare managers and doctors, and analyzed using principal axis factoring, Pearson\u27s product moment correlation, multiple linear regression, and 1-way analysis of variance. The results of the study showed a statistically significant positive correlation between perceived usefulness, security, peer influence, relative advantage, and intention to adopt palm vein authentication. No statistically significant correlation existed between complexity and intention to adopt palm vein authentication. These findings indicate that by effectively using palm vein authentication, organizations can mitigate the risk of medical fraud and its associated costs, and positive social change can be realized

Fear drop and fear change. Perceptions of security in the 21st century: their formation, trends, and impact in society

This thesis is an exploratory study of perceptions of security in the 21st century, the way they form and have developed in recent decades, as well as their impact in society. The study is rooted in the criminological sub-discipline of fear of crime studies, a research tradition that developed in the second half of the last century. At that time, the level of violent (street) and property crimes was rising in western societies, while public fear of this crime was thought to form a social problem in itself. The research tradition that developed yielded an extensive body of knowledge on, for instance, the operationalisation, measurement, and determinants of fear of crime, but remained less developed in theory formation and aspects such as development of fear of crime over time and its impact in society. From the last decade of the 20th century, in western societies the prevalence of ‘traditional’ crime decreased substantially (the ‘crime drop’), while the new millennium confronted these societies with new types of crime and related threats that shook the public (the ‘crime change’). The research tradition of fear of crime studies has not shown great agility in accommodating these changes, while these have made the need for a more thorough theoretical foundation even greater. Therefore, an exploratory exercise was undertaken that, based on a mix of empirical and conceptual studies and reviews of the literature, resulted in a process-oriented perspective on perceptions of security. This perspective is founded on an interdisciplinary theoretical base, in which notions from social-psychology (and stress-studies in particular) and complexity science form a major part. The study makes plausible that ‘new fears’ (such as fear of terrorism, cybercrime or even the corona pandemic) form in similar ways as ‘traditional’ fear of crime and yield similar ‘stone in the pond’ effects in society. These effects feed back into the process in which perceptions of security form, making this process circular by definition. The study also shows that, similar to what has been observed in the prevalence of crime, both a fear drop and a fear change can be observed in western societies: the prevalence of ‘traditional’ fear of crime decreased, while ‘new fears’ emerged and increased in prevalence