Title :
Risk-Based Methodology for Real-Time Security Monitoring of Interdependent Services in Critical Infrastructures
Author :
Aubert, Jocelyn ; Schaberreiter, T. ; Incoul, Christophe ; Khadraoui, Djamel ; Gateau, Benjamin
Author_Institution :
Centre for IT Innovation, Public Res. Centre Henri Tudor, Luxembourg, Luxembourg
Abstract :
In today´s world, where most of the critical infrastructures (CI) are based on distributed systems, security failures have become very common, even within large corporations. The critical infrastructures are tightly interconnected, mutually dependent, and are exposed everyday to new risks.These (inter)dependencies generate potential cascading effects that may spread a malfunction or an attack from one part of the system to another dependent infrastructure.In this paper, we propose a risk-based methodology that aims to monitor interdependent services based on generic risks and assurance levels using the classical security properties: Confidentiality, Integrity and Availability. This allows each CI owner to monitor, react and adopt the best behavior corresponding to the security status of its different services.
Keywords :
critical infrastructures; risk management; security of data; assurance levels; availability; confidentiality; critical infrastructures; distributed systems; generic risks; integrity; interdependent services; realtime security monitoring; risk-based methodology; Availability; Monitoring; Security; CI Interdependency; Critical Infrastructure; Monitoring; Risk Management; Security;
Conference_Titel :
Availability, Reliability, and Security, 2010. ARES '10 International Conference on
Conference_Location :
Krakow
Print_ISBN :
978-1-4244-5879-0
DOI :
10.1109/ARES.2010.102
