Layered Analysis of Security Ceremonies

Abstract: A security ceremony expands a security protocol with everything that is considered out of band for it. Notably, it incorporates the user, who, according to their belief systems and cultural values, may be variously targeted by social engineering attacks. This makes ceremonies complex and varied, hence the need for their formal analysis aimed at their rigorous understanding. Formal analysis in turn requires clarifying the ceremony structure to build a ceremony model. The model defined here spans a number of socio-technical layers, ranging from a computer network to society. It inspires a layered analysis of security ceremonies, that is, layer by layer. This paper focuses on the human-computer interaction layer, which features a socio-technical protocol between a user persona and a computer interface. Future work will be to traverse all layers by formal analysis.
Document type:
Conference paper
Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.273-286, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_23〉

Cited literature [25 references]

https://hal.inria.fr/hal-01518259
Contributor: Hal Ifip
Submitted on: Thursday, May 4, 2017 - 13:45:55
Last modified on: Thursday, May 4, 2017 - 14:53:51
Document(s) archived on: Saturday, August 5, 2017 - 13:26:16

File

978-3-642-30436-1_23_Chapter.p...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Giampaolo Bella, Lizzie Coles-Kemp. Layered Analysis of Security Ceremonies. Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.273-286, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_23〉. 〈hal-01518259〉
