Towards Automation of Privacy and Security Risks Analysis in Identity Management Systems

被引:0
|
作者
Paintsil, Ebenezer [1 ]
机构
[1] Norwegian Comp Ctr, Oslo, Norway
来源
2013 12TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2013) | 2013年
关键词
Security; Privacy; Risk; Analysis;
D O I
10.1109/TrustCom.2013.87
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Currently, risk analysis methods for identity management systems (IDMSs) mainly rely on manual inspections. Manual inspection is time consuming and expensive. This article introduces the executable model-based risk analysis method (EM-BRAM) with the aim of automating privacy and security risks analysis in IDMSs. The EM-BRAM identifies risk factors inherent in IDMSs and uses them as inputs to a colored petri nets (CPNs) model of a targeted IDMS. It then verifies the system's risk using CPNs' state space analysis and queries. We apply the method to analyze privacy and security risk in the OpenID IDMS.
引用
收藏
页码:720 / 727
页数:8
相关论文
共 50 条
  • [1] Evaluation of Privacy and Security Risks Analysis Construct for Identity Management Systems
    Paintsil, Ebenezer
    [J]. IEEE SYSTEMS JOURNAL, 2013, 7 (02): : 189 - 198
  • [2] Towards Automation in Information Security Management Systems
    Brunner, Michael
    Sillaber, Christian
    Breu, Ruth
    [J]. 2017 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY (QRS), 2017, : 160 - 167
  • [3] Towards Improving Privacy and Security of Identity Management Systems Using Blockchain Technology: A Systematic Review
    Alanzi, Haifa
    Alkhatib, Mohammad
    [J]. APPLIED SCIENCES-BASEL, 2022, 12 (23):
  • [4] PRIVACY AND SECURITY IN OFFICE AUTOMATION SYSTEMS
    CAELLI, WJ
    [J]. AUSTRALIAN COMPUTER JOURNAL, 1985, 17 (03): : 126 - 130
  • [5] Security and Privacy Risks in Artificial Intelligence Systems
    Chen, Yufei
    Shen, Chao
    Wang, Qian
    Li, Qi
    Wang, Cong
    Ji, Shouling
    Li, Kang
    Guan, Xiaohong
    [J]. Jisuanji Yanjiu yu Fazhan/Computer Research and Development, 2019, 56 (10): : 2135 - 2150
  • [6] Macroeconomics of privacy and security for identity management and surveillance
    Katos, Vasilios
    Stowell, Frank
    Bednar, Peter
    [J]. KYBERNETES, 2013, 42 (1-2) : 140 - 163
  • [7] IDENTITY MANAGEMENT ON BLOCKCHAIN - PRIVACY AND SECURITY ASPECTS
    Panait, Andreea-Elena
    Olimid, Ruxandra F.
    Stefanescu, Alin
    [J]. PROCEEDINGS OF THE ROMANIAN ACADEMY SERIES A-MATHEMATICS PHYSICS TECHNICAL SCIENCES INFORMATION SCIENCE, 2020, 21 (01): : 45 - 52
  • [8] Towards accountable management of privacy and identity information
    Mont, MC
    Pearson, S
    Bramhall, P
    [J]. COMPUTER SECURITY - ESORICS 2003, PROCEEDINGS, 2003, 2808 : 146 - 161
  • [9] Security and Privacy Risks for Remote Healthcare Monitoring Systems
    Ianculescu, Marilena
    Coardos, Dora
    Bica, Ovidiu
    Vevera, Victor
    [J]. 2020 INTERNATIONAL CONFERENCE ON E-HEALTH AND BIOENGINEERING (EHB), 2020,
  • [10] Enhancing Privacy in Identity Management Systems
    Gevers, Steven
    Verslype, Kristof
    De Decker, Bart
    [J]. WPES'07: PROCEEDINGS OF THE 2007 ACM WORKSHOP ON PRIVACY IN ELECTRONIC SOCIETY, 2007, : 60 - 63
12345