Towards a Framework for Collaborative Enterprise Security
Towards a Framework for Collaborative Enterprise Security
The role of human behaviour in enterprise security is one of the little studied aspects. The author proposes a reinforcement model of collaborative security employing basic concepts from game theory, socio-psychology, and probabilistic model-checking. The proposed model aims towards solving the problem of inducing positive network effect to enable user centric monitoring of security violations, in particular, against violations related to â€semantic manipulation†of context dependent logical resources. Preventing such violations using existing security enforcement mechanisms is neither feasible nor cost effective. The author defines a payoff mechanism to formalize the model by stipulating appropriate payoffs as reward, punishment, and community price according to reporting of genuine or false violations, non-reporting of the detected violations, and proactive reporting of vulnerabilities and threats by the users. Correctness properties of the model are defined in terms of probabilistic robustness property and constraints for economic feasibility of the payoffs. For estimating the payoff parameters, system and user behaviours are further modelled in terms of probabilistic finite state machines (PFSM) and likelihood of the success of the model is specified using probabilistic computation tree logic (PCTL). PRISM model checker based automated quantitative analysis elicits the process of the estimation of various parameters in the model using PFSMs and PCTL formulas.
CITATION: Misra, Janardan. Towards a Framework for Collaborative Enterprise Security edited by Gupta, Manish . Hershey, PA : IGI Global , 2012. Threats, Countermeasures, and Advances in Applied Information Security - Available at: https://library.au.int/towards-framework-collaborative-enterprise-security