Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Executable Model-Based Risk Analysis Method for Identity Management Systems: Using Hierarchical Colored Petri Nets Executable Model-Based Risk Assessment Method for Identity Management Systems
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science. (PriSec)
2013 (English)In: Trust, Privacy, and Security in Digital Business: 10th International Conference, TrustBus 2013, Prague, Czech Republic, August 28-29, 2013. Proceedings / [ed] Furnell, S., Lambrinoudakis, C. & Lopez, J., Springer , 2013, 48-61 p.Conference paper (Refereed)
Abstract [en]

Model-based risk analysis methods use graphical models to facilitate participation, risk communication and documentation and thereby improve the risk analysis process. Currently, risk analysis methods for identity management systems (IDMSs) mainly rely on time consuming and expensive manual inspections and lack graphical models. This article introduces the executable model-based risk analysis method (EM-BRAM) with the aim of addressing these challenges. The EM-BRAM employs graphical models to enhance risk analysis in IDMSs. It identifies risk contributing factors for IDMSs and uses them as inputs to a colored petri nets (CPNs) model of a targeted IDMS. It then verifies the system’s risk using CPNs’ state space analysis and queries. Currently, risk assessment methods for identity management systems (IDMSs) are lacking. This makes it difficult to compare IDMSs based on how they enhance privacy and security of system stakeholders. This article proposes the executable model-based risk assessment method (EM-BRAM) with the aim of addressing this challenge. The EM-BRAM identifies risk factors inherent in IDMSs and uses them as inputs to a colored petri nets (CPNs) model of a targeted IDMS. It then estimates or verifies the system’s security and privacy risks using CPNs’ state space analysis and queries.

Place, publisher, year, edition, pages
Springer , 2013. 48-61 p.
Series
Lecture Notes in Computer Science, 8058
National Category
Computer Science Computer Engineering
Identifiers
URN: urn:nbn:se:kau:diva-46745DOI: 10.1007/978-3-642-40343-9_5ISBN: 978-3-642-40342-2 978-3-642-37282-7 OAI: oai:DiVA.org:kau-46745DiVA: diva2:1037282
Conference
Trust, Privacy, and Security in Digital Business (TrustBus), August 28-29 2013, Prague, Czech Republic
Available from: 2016-10-14 Created: 2016-10-14 Last updated: 2016-10-28Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full text

Search in DiVA

By author/editor
Fritsch, Lothar
By organisation
Department of Mathematics and Computer Science
Computer ScienceComputer Engineering

Search outside of DiVA

GoogleGoogle Scholar

Altmetric score

Total: 13 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf