dynSMAUG: A dynamic security management framework driven by situations

Laborde, Romain; Oglaza, Arnaud; Barrère, François; Benzekri, Abdelmalek

doi:10.1109/csnet.2017.8241987

Cited by 5 publications

(2 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this paper, we propose an adaptive security framework that covers both dynamic risk assessment and situational driven security policy deployment. We extend a maritime-specific risk assessment methodology (MITIGATE [ 5 , 6 ]) to suggest adaptive security controls, and integrate it with a situation-driven security management framework (DynSMAUG [ 7 , 8 , 9 ]) to dynamically enforce adaptive security policies implementing the security controls. We will follow a situation-driven approach.…”

Section: Introductionmentioning

confidence: 99%

An Adaptive, Situation-Based Risk Assessment and Security Enforcement Framework for the Maritime Sector

Grigoriadis

Laborde

Verdier

et al. 2021

Sensors

Self Cite

View full text Add to dashboard Cite

Maritime processes involve actors and systems that continuously change their underlying environment, location and threat exposure. Thus, risk mitigation requires a dynamic risk assessment process, coupled with an adaptive, event driven security enforcement mechanism, to efficiently deal with dynamically evolving risks in a cost efficient manner. In this paper, we propose an adaptive security framework that covers both situational risk assessment and situational driven security policy deployment. We extend MITIGATE, a maritime-specific risk assessment methodology, to capture situations in the risk assessment process and thus produce fine-grained and situation-specific, dynamic risk estimations. Then, we integrate DynSMAUG, a situation-driven security management system, to enforce adaptive security policies that dynamically implement security controls specific to each situation. To validate the proposed framework, we test it based on maritime cargo transfer service. We utilize various maritime specific and generic systems employed during cargo transfer, to produce dynamic risks for various situations. Our results show that the proposed framework can effectively assess dynamic risks per situation and automate the enforcement of adaptive security controls per situation. This is an important improvement in contrast to static and situation-agnostic risk assessment frameworks, where security controls always default to worst-case risks, with a consequent impact on the cost and the applicability of proper security controls.

show abstract

Section: Introductionmentioning

confidence: 99%

An Adaptive, Situation-Based Risk Assessment and Security Enforcement Framework for the Maritime Sector

Grigoriadis

Laborde

Verdier

et al. 2021

Sensors

Self Cite

View full text Add to dashboard Cite

show abstract

“…But, allowing only the right people to access the right assets under the right conditions (temporal, geographical, circumstances, etc) entails considering dynamic constraints that leads to dynamic security permissions. This article extends [2] and presents dynSMAUG, our dynamic security management framework. The specificity of our approach consists in placing the concept of situation at the core of security management and writing policies herewith "when situation and conditions then security actions".…”

Section: Introductionmentioning

confidence: 99%