Abstract : Currently, risk assessment methods for identity management systems (IDMSs) are lacking. This makes it difficult to compare IDMSs based on how they enhance privacy and security of system stakeholders. This article proposes the executable model-based risk assessment method (EM-BRAM) with the aim of addressing this challenge. The EM-BRAM identifies risk factors inherent in IDMSs and uses them as inputs to a colored petri nets (CPNs) model of a targeted IDMS. It then estimates or verifies the system’s security and privacy risks using CPNs’ state space analysis and queries.
https://hal.inria.fr/hal-01470506
Contributor : Hal Ifip <>
Submitted on : Friday, February 17, 2017 - 2:48:59 PM Last modification on : Sunday, January 19, 2020 - 6:24:05 PM Long-term archiving on: : Thursday, May 18, 2017 - 2:54:31 PM