Threat Scenario

14,000,000 Leading Edge Experts on the ideXlab platform

Scan Science and Technology

Contact Leading Edge Experts & Companies

Scan Science and Technology

Contact Leading Edge Experts & Companies

The Experts below are selected from a list of 14538 Experts worldwide ranked by ideXlab platform

Edgar Weippl - One of the best experts on this subject based on the ideXlab platform.

  • security ontologies improving quantitative risk analysis
    Hawaii International Conference on System Sciences, 2007
    Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Edgar Weippl
    Abstract:

    IT-security has become a much diversified field and small and medium sized enterprises (SMEs), in particular, do not have the financial ability to implement a holistic IT-security approach. We thus propose a security ontology, to provide a solid base for an applicable and holistic IT-security approach for SMEs, enabling low-cost risk management and Threat analysis. Based on the taxonomy of computer security and dependability by Landwehr, a heavy-weight ontology can be used to organize and systematically structure knowledge on Threats, safeguards, and assets. Using this ontology, each Threat Scenario can be simulated with a different protection profile as to evaluate the effectiveness and the cost/benefit ratio of individual safeguards

Curran R. - One of the best experts on this subject based on the ideXlab platform.

  • AbSRiM: An Agent-Based Security Risk Management Approach for Airport Operations
    2019
    Co-Authors: Janssen S.a.m., Sharpans'kykh Alexei, Curran R.
    Abstract:

    Security risk management is essential for ensuring effective airport operations. This article introduces AbSRiM, a novel agent-based modeling and simulation approach to perform security risk management for airport operations that uses formal sociotechnical models that include temporal and spatial aspects. The approach contains four main steps: scope selection, agent-based model definition, risk assessment, and risk mitigation. The approach is based on traditional security risk management methodologies, but uses agent-based modeling and Monte Carlo simulation at its core. Agent-based modeling is used to model Threat Scenarios, and Monte Carlo simulations are then performed with this model to estimate security risks. The use of the AbSRiM approach is demonstrated with an illustrative case study. This case study includes a Threat Scenario in which an adversary attacks an airport terminal with an improvised explosive device. The approach provides a promising way to include important elements, such as human aspects and spatiotemporal aspects, in the assessment of risk. More research is still needed to better identify the strengths and weaknesses of the AbSRiM approach in different case studies, but results demonstrate the feasibility of the approach and its potential

  • AbSRiM: An Agent-Based Security Risk Management Approach for Airport Operations
    'Wiley', 2019
    Co-Authors: Janssen S.a.m., Sharpans'kykh Alexei, Curran R.
    Abstract:

    Security risk management is essential for ensuring effective airport operations. This article introduces AbSRiM, a novel agent-based modeling and simulation approach to perform security risk management for airport operations that uses formal sociotechnical models that include temporal and spatial aspects. The approach contains four main steps: scope selection, agent-based model definition, risk assessment, and risk mitigation. The approach is based on traditional security risk management methodologies, but uses agent-based modeling and Monte Carlo simulation at its core. Agent-based modeling is used to model Threat Scenarios, and Monte Carlo simulations are then performed with this model to estimate security risks. The use of the AbSRiM approach is demonstrated with an illustrative case study. This case study includes a Threat Scenario in which an adversary attacks an airport terminal with an improvised explosive device. The approach provides a promising way to include important elements, such as human aspects and spatiotemporal aspects, in the assessment of risk. More research is still needed to better identify the strengths and weaknesses of the AbSRiM approach in different case studies, but results demonstrate the feasibility of the approach and its potential.Aerospace Transport & Operation

Mara Cole - One of the best experts on this subject based on the ideXlab platform.

  • Managing complex socio-technical systems: A proactive approach to airport security
    International Journal of Knowledge-based and Intelligent Engineering Systems, 2014
    Co-Authors: Mara Cole, Maik Maurer
    Abstract:

    The purpose of security checks at airports is to achieve a reduction in the risk of malevolent attacks on the aviation system. The introduction of new security measures aims at reducing this perceived level of risk, and often takes place as a direct reaction to (attempted) attacks. This procedure means that offenders remain one step ahead of security agents. The aim of the approach presented here is to overcome this shortfall by supporting decision-making in the context of airport security by a systematically created knowledge base. The combination of two well-accepted methods – Scenario analysis and structural complexity management – supports a structured knowledge acquisition process that serves as a basis for the proactive identification of system weaknesses. Furthermore, this combination of methods can be applied to the search for optimisation potentials concerned with possible future Threats. The basis for the approach is composed of Threat Scenario components, security measures and dependencies between these elements. A Multiple-Domain Matrix is applied for system modelling. Clustering of Threat Scenarios and intensity of relations to security measures are used for analysis. The interpretation of findings makes use of portfolio representations.

  • towards proactive airport security management supporting decision making through systematic Threat Scenario assessment
    Journal of Air Transport Management, 2014
    Co-Authors: Mara Cole
    Abstract:

    An airport is the gateway which facilitates access to air transport. As a reaction to very diverse attacks on the air transport system during the last decades a broad range of security measures has been introduced to mitigate possible Threats. The challenge to provide a trouble free experience for the passenger and, at the same time, to operate more efficiently calls for a proactive approach. This requires the definition of future requirements that allow an adaptation of the security system. When dealing with uncertainty that future-oriented decisions inevitably display, it is important to gain as much knowledge as possible about a system's general structure. The approach described in this paper systematically documents elements and relationships of the airport security system. It consists of Threat Scenario elements as well as security measures. The development of a software tool, the so-called Scenario Builder, is described and its application for the identification of possible future Threats explained. The presented approach offers intuitive access to the underlying structure of the airport security system. It provides decision makers with a possibility to interact with the system and anticipate effects of Threat development, thereby enabling robust, future-oriented decisions.

  • optimisation of critical infrastructure protection the sive project on airport security
    Critical Information Infrastructures Security, 2009
    Co-Authors: Marcus Breiing, Mara Cole, John Davanzo, Gebhard Geiger, Sascha Goldner, Andreas Kuhlmann, Claudia Lorenz, Alf Papproth, Erhard Petzel, Oliver Schwetje
    Abstract:

    This paper outlines the scientific goals, ongoing work and first results of the SiVe research project on critical infrastructure security. The methodology is generic while pilot studies are chosen from airport security. The outline proceeds in three major steps, (1) building a Threat Scenario, (2) development of simulation models as Scenario refinements, and (3) assessment of alternatives. Advanced techniques of systems analysis and simulation are employed to model relevant airport structures and processes as well as offences. Computer experiments are carried out to compare and optimise alternative solutions. The optimality analyses draw on approaches to quantitative risk assessment recently developed in the operational sciences. To exploit the advantages of the various techniques, an integrated simulation workbench is build up in the project.

Chandan Mazumdar - One of the best experts on this subject based on the ideXlab platform.

  • “Security Concern” as a Metric for Enterprise Business Processes
    IEEE Systems Journal, 2019
    Co-Authors: Preetam Mukherjee, Chandan Mazumdar
    Abstract:

    Measuring the security of business processes of enterprises has become essential in the wake of different Threat Scenarios. During the last two decades, a lot of research has been done on metrics for the network security, software system security, attack severity, situation assessment, etc. In the process level, business impact analysis models and security maturity models, as well as well-established risk analysis methods, exist. With the all-pervasive IT implementation of business processes, it has become imperative for the chief information security officers to come up with metrics for the security of business processes in the context of the relevant Threat Scenario. This paper introduces a novel security metric to assess the business process security, viz., Security Concern. The metric quantitatively measures the “concern” due to various attributes of the security of a business process in the context of the Threat Scenario and asset sensitivity. We present the model of the business process, its assets, their dependencies, exploits, and impacts on assets in a top–down fashion. Based on the model, security concern as a metric has been defined. The bottom–up method of the computation of the metric is explained. It is also demonstrated how the proposed metric can be of practical utility for the horizontal and temporal comparison of the business process security.

Andreas Ekelhart - One of the best experts on this subject based on the ideXlab platform.

  • security ontologies improving quantitative risk analysis
    Hawaii International Conference on System Sciences, 2007
    Co-Authors: Andreas Ekelhart, Stefan Fenz, Markus Klemen, Edgar Weippl
    Abstract:

    IT-security has become a much diversified field and small and medium sized enterprises (SMEs), in particular, do not have the financial ability to implement a holistic IT-security approach. We thus propose a security ontology, to provide a solid base for an applicable and holistic IT-security approach for SMEs, enabling low-cost risk management and Threat analysis. Based on the taxonomy of computer security and dependability by Landwehr, a heavy-weight ontology can be used to organize and systematically structure knowledge on Threats, safeguards, and assets. Using this ontology, each Threat Scenario can be simulated with a different protection profile as to evaluate the effectiveness and the cost/benefit ratio of individual safeguards

Related terms

  • security risk management approaches
  • based security risk management
  • security risk analysis
  • security risk assessment
Threat Scenario - 15 days free trial to Access Experts & Abstracts