eprintid: 1468683
rev_number: 25
eprint_status: archive
userid: 608
dir: disk0/01/46/86/83
datestamp: 2015-11-30 14:04:19
lastmod: 2022-01-18 23:38:43
status_changed: 2015-11-30 14:04:19
type: conference_item
metadata_visibility: show
item_issues_count: 0
creators_name: Caulfield, T
creators_name: Pym, D
title: Modelling and simulating systems security policy
divisions: UCL
divisions: B04
divisions: C05
divisions: F48
keywords: Composition, Decision, Location, Logic, Modelling, Policy, Process, Resource, Security, Semantics, Simulation
note: Copyright © 2015–2015 ICST. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Eighth EAI International Conference on Simulation Tools and Techniques, http://dx.doi.org/10.1145/10.4108/eai.24-8-2015.2260765
abstract: Security managers face the challenge of designing security policies that deliver the objectives required by their organizations. We explain how a rigorous modelling framework and methodology - grounded in semantically justified mathematical systems modelling, the economics of decision-making, and simulation - can be used to explore the operational consequences of their design choices and help security managers to make better decisions. The methodology is based on constructing executable system models that illustrate the effects of different policy choices. Models are compositional, allowing complex systems to be expressed as combinations of smaller, complete models. They capture the logical and physical structure of systems, the choices and behaviour of agents within the system, and the security managers' preferences about outcomes. Utility theory is used to describe the extent to which security managers' policies deliver their security objectives. Models are parametrized based on data obtained from observations of real-world systems that correspond closely to the examples described.
date: 2015-08-27
publisher: ICST
official_url: http://dx.doi.org/10.4108/eai.24-8-2015.2260765
vfaculties: VENG
oa_status: green
full_text_type: other
language: eng
primo: open
primo_central: open_green
verified: verified_manual
elements_source: Manually entered
elements_id: 1031892
doi: 10.4108/eai.24-8-2015.2260765
isbn_13: 9781631900792
lyricists_name: Caulfield, Tristan
lyricists_name: Pym, David
lyricists_id: TCAUL00
lyricists_id: DPYMX87
full_text_status: public
publication: SIMUTOOLS 2015 - 8th EAI International Conference on Simulation Tools and Techniques
event_title: Eighth EAI International Conference on Simulation Tools and Techniques
event_location: Athens, Greece
event_dates: 2015
citation:        Caulfield, T;    Pym, D;      (2015)    Modelling and simulating systems security policy.                   Presented at: Eighth EAI International Conference on Simulation Tools and Techniques, Athens, Greece.       Green open access   
 
document_url: https://discovery.ucl.ac.uk/id/eprint/1468683/1/CaulfieldPym.pdf