A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question formally. We model the information flow defined by what the organization’s employees do (copy, move, and destroy information) and propose an algorithm that enforces a policy on the model, before checking against an adversary if a security requirement holds.
CITATION STYLE
Lenzini, G., Mauw, S., & Ouchani, S. (2016). Analysing the efficacy of security policies in cyber-physical socio-technical systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9871 LNCS, pp. 170–178). Springer Verlag. https://doi.org/10.1007/978-3-319-46598-2_12
Mendeley helps you to discover research relevant for your work.