Australian commercial-critical infrastructure management protection

Secure management of Australia\u27s commercial critical infrastructure presents ongoing challenges to owners and the government. Although managed via a high-level information sharing collaboration of government and business, critical infrastructure protection is further complicated by the lack of a lower-level scalable model exhibiting its various levels, sectors and sub-sectors. This research builds on the work of Marasea (2003) to establish a descriptive critical infrastructure model and also considers the influence and proposed modelling of critical infrastructure dependency inter-relationships.<br /

A model and framework for online security benchmarking

The variety of threats and vulnerabilities within the online business environment are dynamic and thus constantly changing in how they impinge upon online functionality, compromise organizational or customer information, contravene security implementations and thereby undermine online customer confidence. To nullify such threats, online security management must become proactive, by reviewing and continuously improving online security to strengthen the enterpriseis online security measures and policies, as modelled. The benchmarking process utilises a proposed benchmarking framework to guide both the development and application of security benchmarks created in the first instance, from recognized information technology (IT) and information security standards (ISS) and then their application to the online security measures and policies utilized within online business. Furthermore, the benchmarking framework incorporates a continuous improvement review process to address the relevance of benchmark development over time and the changes in threat focus.<br /

Analysis and modelling of critical infrastructure systems

The increasing complexity and interconnectedness of critical infrastructure systems, including the information systems and communication networks that support their existence and functionality, poses questions and challenges. Particularly, in terms of modelling and analysis of the security, survivability and ultimately reliability and continued availability of critical infrastructure systems and the services they deliver to modern society. The focus of this research enquiry is with regard to critiquing and modelling critical infrastructure systems. There are numerous systems analyse and modelling approaches that outline any number of differing methodological approaches, each with their own characteristics, expertise, strengths and weaknesses. The intention of this research is to investigate the merit of applying a &lsquo;softer&rsquo; approach to critical infrastructure system security analysis and modelling that broadly views the systems in holistic terms, including their relationships with other systems. The intention is not to discuss or criticise existing research applying quantitative approaches, but to discuss a &lsquo;softer&rsquo; system analysis and modelling approach in a security context that is adaptable to analysis modelling of critical infrastructure systems.<br /

Considerations for modelling critical infrastructure systems

The paper commences by reviewing and examining the structure of critical infrastructure systems from a holistic viewpoint, before venturing towards determining what are the necessary considerations required for modelling a specific system within the layered structural context of the larger holistic system.<br /

E-business security benchmarking : a model and framework

The dynamic nature of threats and vulnerabilities within the e-business environment can impede online functionality, compromise organisational or customer information, contravene security implementations and thereby undermine online customer confidence. To negate these problems, e-business security has to become proactive, by reviewing and continuously improving security to strengthen e-business security measures and policies. This can be accomplished through benchmarking the security measures and policies utilised within the e-business, against recognised Information Technology (IT) and Information Security (IS) security standards.<br /

Security analysis and modelling framework for critical infrastructure systems

The provision and delivery of many of the services that modern society enjoys are the result of ubiquitous critical infrastructure systems that permeate across many sectors of the Australian community. Moreover, the integration of technological enhancements and networking interconnections between critical infrastructure systems has heightened system interdependence, availability and resilience, including the efficient delivery of services to consumers within Australia\u27s industrialised society. This research delivers a system security analysis and system modelling framework tool based on an associated conceptual methodology as the basis for assessing security and conceptually modelling a critical infrastructure system incident. The intent to identify potential system security issues and gain operational insights that will contribute to improving system resilience, contingency planning development applicable to disaster recovery and ameliorating incident management responses for Australian critical infrastructure system incidents.<br /

Critical infrastructure protection, modelling and management: an Australian commercial case study

This research extends upon the previous work of Pye and Warren (2005) and presents a refinement of the previously proposed critical infrastructure model to enhance further our understanding and apprecication of where the likely inter-play and existance of dependency relationships between infrastructures coexist.These associations are presented as a number of linkages that exist within each sector of Australia\u27a critical infrastructure, which is then extended further to the modelling of dependency inter-relationships that exist between critical infrastructures itilising Petri Nets.&nbsp; The recognition and identification of such reliance relationships between critical infrastructures is necessary to allow both infrastructure owners and the government to identify and effectively manage and maintain the security, stability and availability of their particular critical infrastructure against potential scenario driven effects.&nbsp; These issues are reflected within a case study as modelled using the Petri Net approach to encapsulate the issues of reliance relationships by drawing upon an Australian commercial case study

An emergent security risk : critical infrastructures and information warfare

This paper examines the emergent security risk that information warfare poses to critical infrastructure systems, particularly as governments are increasingly concerned with protecting these assets against attack or disruption. Initially it outlines critical infrastructure systems and the notion of information warfare. It then discusses the potential implications and examining the concerns and vulnerabilities such cyber attacks would pose, utilising exemplar online attack occurrences. It then examines the current Australian situation before suggesting some considerations to mitigate the potential risk that information warfare poses to critical infrastructure systems, and by association: government, industry and the wider community.<br /