UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Improving Security Policy Decisions with Models

Caulfield, T; Pym, D; (2015) Improving Security Policy Decisions with Models. IEEE Security and Privacy Magazine , 13 (5) pp. 34-41. 10.1109/MSP.2015.97. Green open access

[thumbnail of cp15-ieee-secpriv.pdf] Text

Download (259kB)


Security managers face the challenge of designing security policies that deliver the objectives required by their organizations. We explain how a rigorous methodology, grounded in mathematical systems modelling and the economics of decision-making, can be used to explore the operational consequences of their design choices and help security managers to make better decisions. The methodology is based on constructing executable system models that illustrate the effects of different policy choices. Models are designed to be composed, allowing complex systems to be expressed as combinations of smaller, complete models. They capture the logical and physical structure of systems, the choices and behavior of agents within the system, and the security managers' preferences about outcomes. Models are parameterized from observations of the real world and the effectiveness of different security policies is explored through simulation. Utility theory is used to describe the extent to which security managers' policies deliver their security objectives.Improving Security Policy Decisions with Models

Type: Article
Title: Improving Security Policy Decisions with Models
Open access status: An open access version is available from UCL Discovery
DOI: 10.1109/MSP.2015.97
Publisher version: http://dx.doi.org/10.1109/MSP.2015.97
Language: English
Additional information: © 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
UCL classification: UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/1468682
Downloads since deposit
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item