Please use this identifier to cite or link to this item:
|Title:||A Service Oriented Approach to the Assessment of Infrastructure Security|
|Authors:||NAI FOVINO IGOR; MASERA MARCELO|
|Type:||Articles in periodicals and books|
|Abstract:||The pervasive use of the information and communication technologies (ICT) in Critical Infrastructures requires the introduction of specific security assessment approaches. The study of the local effects of vulnerabilities and failures has to be put in the context of the whole system, as ICT systems are highly interconnected. In addition most industrial control and communication systems are getting connected with corporate information systems. This facilitates the access from internal and external networks, and converts ICT security assessment in a primary concern. Some approaches have been proposed based on the relationships between structural and functional descriptions and security goals, and at associating vulnerabilities to known attacks. These methodologies are typically based on the analysis of local problems. In the present paper, we want to propose a further step: the systematic correlation and analysis of structural, functional and security information, under a service–oriented light. In order to achieve this objective we propose to center the analysis on the concept of service, linking the interactions among services (modeled as service chains) with that of vulnerabilities, threats and attacks. It is demonstrated how this approach facilitates the assessment of security|
|JRC Institute:||Institute for the Protection and Security of the Citizen|
Files in This Item:
There are no files associated with this item.
Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.