About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
Eighth EAI International Conference on Simulation Tools and Techniques

Research Article

Modelling and Simulating Systems Security Policy

Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.4108/eai.24-8-2015.2260765,
        author={Tristan Caulfield and David Pym},
        title={Modelling and Simulating Systems Security Policy},
        proceedings={Eighth EAI International Conference on Simulation Tools and Techniques},
        publisher={ACM},
        proceedings_a={SIMUTOOLS},
        year={2015},
        month={8},
        keywords={composition decision location logic modelling policy process resource security semantics simulation},
        doi={10.4108/eai.24-8-2015.2260765}
    }
    
  • Tristan Caulfield
    David Pym
    Year: 2015
    Modelling and Simulating Systems Security Policy
    SIMUTOOLS
    ICST
    DOI: 10.4108/eai.24-8-2015.2260765
Tristan Caulfield1,*, David Pym1
  • 1: University College London
*Contact email: t.caulfield@ucl.ac.uk

Abstract

Security managers face the challenge of designing security policies that deliver the objectives required by their organizations. We explain how a rigorous modelling framework and methodology—grounded in semantically justified mathematical systems modelling, the economics of decision-making, and simulation—can be used to explore the operational consequences of their design choices and help security managers to make better decisions. The methodology is based on constructing executable system models that illustrate the effects of different policy choices. Models are compositional, allowing complex systems to be expressed as combinations of smaller, complete models. They capture the logical and physical structure of systems, the choices and behaviour of agents within the system, and the security managers’ preferences about outcomes. Utility theory is used to describe the extent to which security managers’ policies deliver their security objectives. Models are parametrized based on data obtained from observations of real-world systems that correspond closely to the examples described.

Keywords
composition decision location logic modelling policy process resource security semantics simulation
Published
2015-08-27
Publisher
ACM
http://dx.doi.org/10.4108/eai.24-8-2015.2260765
Copyright © 2015–2025 ICST
EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL