Abstract : Currently, risk assessment methods for identity management systems (IDMSs) are lacking. This makes it difficult to compare IDMSs based on how they enhance privacy and security of system stakeholders. This article proposes the executable model-based risk assessment method (EM-BRAM) with the aim of addressing this challenge. The EM-BRAM identifies risk factors inherent in IDMSs and uses them as inputs to a colored petri nets (CPNs) model of a targeted IDMS. It then estimates or verifies the system’s security and privacy risks using CPNs’ state space analysis and queries.
Type de document :
Communication dans un congrès
Simone Fischer-Hübner; Elisabeth Leeuw; Chris Mitchell. 3rd Policies and Research in Identity Management (IDMAN), Apr 2013, London, United Kingdom. Springer, IFIP Advances in Information and Communication Technology, AICT-396, pp.97-99, 2013, Policies and Research in Identity Management. 〈10.1007/978-3-642-37282-7_8〉
https://hal.inria.fr/hal-01470506
Contributeur : Hal Ifip
<>
Soumis le : vendredi 17 février 2017 - 14:48:59
Dernière modification le : vendredi 17 février 2017 - 15:16:30
Document(s) archivé(s) le : jeudi 18 mai 2017 - 14:54:31
Ebenezer Paintsil, Lothar Fritsch. Executable Model-Based Risk Assessment Method for Identity Management Systems. Simone Fischer-Hübner; Elisabeth Leeuw; Chris Mitchell. 3rd Policies and Research in Identity Management (IDMAN), Apr 2013, London, United Kingdom. Springer, IFIP Advances in Information and Communication Technology, AICT-396, pp.97-99, 2013, Policies and Research in Identity Management. 〈10.1007/978-3-642-37282-7_8〉. 〈hal-01470506〉
