
    Modelling Socio-Technical Aspects of Organisational Security

    Identification of threats to organisations and risk assessment often take into consideration only the purely technical aspects, overlooking the vulnerabilities originating from attacks on a social level, for example social engineering, and abstracting away the physical infrastructure. However, attacks on organisations are far from being purely technical. After all, organisations consist of employees. Often the human factor appears to be the weakest point in the security of organisations. It may be easier to break through a system using a social engineering attack rather than a purely technological one. The Stuxnet attack is only one of the many examples showing that vulnerabilities of organisations are increasingly exploited on different levels, including the human factor. There is an urgent need for integration between the technical and social aspects of systems in assessing their security. Such an integration would close this gap; however, it would also complicate the formal treatment and automatic identification of attacks. This dissertation shows that applying a system modelling approach to socio-technical systems can be used for identifying attacks on organisations which exploit various levels of the vulnerabilities of the systems. In support of this claim we present a modelling framework which combines many features. Based on a graph, the framework represents the physical infrastructure of an organisation, where actors and data are modelled as nodes in this graph. Based on the semantics of the underlying process calculus, we develop a formal analytical approach that generates attack trees from the model. The overall goal of the framework is to predict, prioritise and minimise the vulnerabilities in organisations by prohibiting the overall attack or at least increasing the difficulty and cost of carrying it out. We validate our approach using scenarios from IPTV and Cloud Infrastructure case studies.

    Pharmacological treatment of obesity and overweight and adverse effects related to drug use

    Obesity is a global epidemic with serious health and economic consequences. In Bulgaria, 62 % of men, 51 % of women, and 30 % of children of school age are overweight or obese. The pharmacological treatment of obesity should be only a part of an overall strategy of treating the disease. Currently, drug therapy is recommended only in patients with a BMI of ≥ 30 kg/m2, or with overweight and BMI ≥ 27 kg/m2 when associated with concomitant diseases (e.g., hypertension, type 2 diabetes mellitus). Despite the availability of a large number of preparations, only a small part have shown sufficiently good results and have been approved for long-term use, owing to serious adverse effects. Since 2010 Sibutramine is no longer licensed for clinical use, due to concerns about its cardiovascular safety. Results of the SCOUT study demonstrated that long-term administration of the drug resulted in a significant increase in the incidence of non-fatal myocardial infarction and stroke. Headache is the only adverse effect of Lorcaserin whose frequency exceeds 5 % relative to placebo. Depression and anxiety appear with lower frequency. In 2012 a new combination of Topiramate/Phentermine was registered, and in 2014 a combination of Naltrexone/Bupropion. The European Committee for Medicinal Products for Human Use (CHMP) gave a positive opinion for the combination Topiramate/Phentermine, due to mental and cardiovascular risk over time. Regarding the other combination (naltrexone/bupropion SR), there is a warning about rare but severe psychological side effects.

    Modeling human behaviour with higher order logic: insider threats

    In this paper, we approach the problem of modeling the human component in technical systems with a view to the difference between the use of model and theory in sociology and computer science. One aim of this essay is to show that the building of theories and models for sociology can be compared with, and implemented in, Higher Order Logic. We validate this working hypothesis by revisiting Weber's understanding explanation. We focus on constructive realism in the context of logical explanation. We review Higher Order Logic (HOL) as a foundation for computer science and summarize its use of theories, relating it to the sociological process of logical explanation. As a case study on modeling human behaviour, we present the modeling and analysis of insider threats as a Higher Order Logic theory in Isabelle/HOL. We show how each step of the three-step process of sociological explanation can be seen in our modeling of the insider's state, its context within an organisation, and the effects on security as outcomes of a theorem proving analysis.

    Externalizing behaviour for analysing system models

    System models have recently been introduced to model organisations and evaluate their vulnerability to threats, and especially insider threats. These models are particularly suitable for the latter, since insiders can be assumed to have more knowledge about the attacked organisation than outside attackers. Therefore, many attacks are considerably easier for insiders to perform than for outsiders. However, current models do not support explicit specification of different behaviours. Instead, behaviour is deeply embedded in the analyses supported by the models, meaning that it is a complex, if not impossible, task to change behaviours. Especially when considering social engineering or the human factor in general, the ability to use different kinds of behaviours is essential. In this work we present an approach to make the behaviour a separate component in system models, and explore how to integrate it into existing models.

    Tool-based Risk Assessment of Cloud Infrastructures as Socio-Technical Systems

    Assessing risk in cloud infrastructures is difficult. Typical cloud infrastructures contain potentially thousands of nodes that are highly interconnected and dynamic. Another important component is the set of human actors who get access to data and computing infrastructure. The cloud infrastructure therefore constitutes a socio-technical system. Attacks on socio-technical systems are still mostly identified through expert brainstorming. However, formal risk assessment for systems including human actors requires modeling human behavior, which is difficult at best. In this chapter, we present a modeling exercise for cloud infrastructures using the socio-technical model developed in the TRESPASS project; after showing how to model typical components of a cloud infrastructure, we show how attacks are identified on this model and discuss their connection to risk assessment. The technical part of the model is extracted automatically from the configuration of the cloud infrastructure, which is especially important for systems this dynamic and complex.

    Attack tree generation by policy invalidation

    Attacks on systems and organisations increasingly exploit human actors, for example through social engineering. This humanising of attacks complicates their formal treatment and automatic identification; formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified through brainstorming by experts. In this work we formalise attack tree generation including human factors; based on recent advances in system models, we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based on invalidating policies in the system model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and general enough to hide the details of individual steps. To the best of our knowledge this is the first formalisation of an approach to generating attack trees including steps on the technical and social level.