Portunes: Representing attack scenarios spanning through the physical, digital and social domain

    Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

    26 Citations (Scopus)

    Abstract

    The security goals of an organization are realized through security policies, which concern physical security, digital security and security awareness. An insider is aware of these security policies, and might be able to thwart the security goals by combining physical, digital and social means. A systematic analysis of such attacks requires the whole environment where the insider operates to be formally represented. This paper presents Portunes, a framework which integrates all three security domains in a single environment. Portunes consists of a high-level abstraction model focusing on the relations between the three security domains and a lower abstraction level language able to represent the model and describe attacks which span the three security domains. Using the Portunes framework, we are able to represent a whole new family of attacks where the insider is not assumed to use purely digital actions to achieve a malicious goal.

    Original languageEnglish
    Title of host publicationAutomated Reasoning for Security Protocol Analysis and Issues in the Theory of Security - Joint Workshop, ARSPA-WITS 2010, Revised Selected Papers
    Pages112-129
    Number of pages18
    DOIs
    Publication statusPublished - 24 Nov 2010
    EventJoint Workshop on Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security, ARSPA-WITS 2010 - Paphos, Cyprus
    Duration: 27 Mar 201028 Mar 2010

    Publication series

    NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    Volume6186 LNCS
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Conference

    ConferenceJoint Workshop on Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security, ARSPA-WITS 2010
    CountryCyprus
    CityPaphos
    Period27/03/1028/03/10

    Keywords

    • insider threat
    • physical security
    • security awareness
    • security model

    Fingerprint Dive into the research topics of 'Portunes: Representing attack scenarios spanning through the physical, digital and social domain'. Together they form a unique fingerprint.

  • Cite this

    Dimkov, T., Pieters, W., & Hartel, P. (2010). Portunes: Representing attack scenarios spanning through the physical, digital and social domain. In Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security - Joint Workshop, ARSPA-WITS 2010, Revised Selected Papers (pp. 112-129). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6186 LNCS). https://doi.org/10.1007/978-3-642-16074-5_9