Documente Academic
Documente Profesional
Documente Cultură
2
Asset Dependencies on ISRA
• Information Competitive advantage
• Started as tool
• Now is essential component every operation need
information
• Technological advances forcing organization use new
technology new threat
• Large amount of data Protection
mechanism
• Loss of CIA total failure
• Threat respond inappropriate significant loss
• Commonly used ISRA (information
security risk analysis)
• Process to identify and evaluate factors that can interfere with
the success of the project or the achievement of objectives
3
ISRA
• Focused on analyzing the threats and weaknesses of
the information resources and determining the
controls needed to place the risk in an acceptable
position
• Steps:
• asset valuation
• threat and vulnerability mapping
• risk calculation
• risk reporting
• consensus building
• Technique:
• FTA
• ETA
• Attack tree
• Cause & Effect Diagram
• BN
• Attack graph
4
ISRA .. (2)
• Approach:
• Quantitative
• Mathematical approach
• Precision, automate, not require opinion, objective
• Limitation:
• Calculation on replacement, not operational cost inappropriate financial assessment of
resource
• Accuracy depend on historical data
• Difficult when real data unavailable
• Qualitative,
• Simple calculation, less time consuming
• Limitation:
• Subjective
• Dependent on expert
• Hybrid
• Security triads
• Confidentiality certain group certain information
• Integrity asset remain in well defined state
• Availability asset accessible
5
Limitation
• Limitation
• Asset dependency complexity
• Failure asset effect another asset
• Ex:
• Website (High Security) On server (low security)
• Risk website must consider effect on server risk
• Risk model that considers asset
dependence more powerful
• Only partially: Suh and Han, Rahmad, Tatar & Karabacak,
Breier, Alpcan & Bamboos, Khanmohammadi, Schmid &
Albayrak, Loloei
• Cyclic Muller
• ISRA need:
• Simpler
• Support cyclic
6
Previous studies
• Suh & Han • Alpcan & Bamboos
• determine asset value based on relationship between • Graph theory, combine business, threat, and human,
asset and business function dynamic change based on interaction
• Maximum • Khanmohammadi & Houmb
• Focus on availability • Risk identified and accessed in business process level
• Rahmad • Specific value on each organization
• Threat scenario • Schmidt & Albayrak
• Collection of catalogue • Assessment vertical and horizontal, vertical in three
• Building large catalogs level: process, service, and application, horizontal
between asset
• Tatar & karabacak
• Hiearchial valuation • Loloei & Shahriari
• Value asset independent & dependent, independent
• Breier cost & level importance, dependence CIA parameter
• Related graph, Asset value based on connection, • Focus on availability
combined with initial value of asset
• Difficult to apply in real world • Muller
• DARC, determine asset root and dependency value
• Support cyclic
• Complex mapping
7
Suh & Han • The IS risk analysis based on a business model
8
• Threat Scenario Dependency-Based Model of Information Security Risk Analysis
• Modeling Asset Dependency for Security Risk Analysis using Threat-Scenario
Rahmad •
Dependency
Analisa Risiko Keamanan Informasi dengan Mempertimbangkan Dependensi Skenario
Threat dan Kontrol sebagai Pereduksi Likelihood dan Impact
Model kons eptual Threat scenario TS - TS
• Main concept catalogue
• Assets, threats, controls
• Threat-scenario
• Dependency TS
• TS – Security Dimension
• TS – TS
TS - Threat
• TS – Threat
1. Risk: 5. Weighted mean kombinasi skenario-threat TS – Security dimension
= ×
2. Skenario-threat yg relevan dg tujuan: = ( | ,… , )
6. Weighted mean kombinasi threat tereduksi
= | , …,
3. Weighted-mean skenario-threat yg relevan:
= | ,… ,
| ,… , 7. Threat tereduksi
∑ × ( ) = × (1 − ( ))
=
∑
4. Skenario-threat
= ( | , ) Efektifitas kontrol
9. = | ,… ,
10. = | , …,
11. = | , …,
Control combination effectivity:
× + × + × + × + × ( ) 12. = | , …,
=
+ + + +
13. = | , …,
9
• An Hierarchical Asset Valuation
Tatar & Karabacak Method for Information Security Risk
Analysis
• Identification Nomor
seri
Nama
perangkat
keras
Pemilik Lokasi
fisik
Nilai
Confidentiality
Nilai
Integrity
Nilai
Availability
• Hardware Server
S1 Sistem Paul H1
• Information Perangkat
Keras S2
operasi
Software Paul H1
Identifikasi resource
Penilaian resource
enkripsi
• Valuation Nomor
seri
Nama
Informas
i
Pemilik Perangkat
lunak
pemroses
Nilai
Confidentialit
y
Nilai
Integrity
Nilai
Availability
• Information Perangkat
Lunak
I1
I2
Data
Pribadi
Data gaji
Ann
Ann
S2
S2
4
5
4
5
4
• Hardware S1
e
Sistem
operasi
Paul
pemroses
H1
y
3 3 5
10
• Asset Valuation Method for Dependent Entities
Breier • Assets Dependencies Model in Information Security
Risk Management
• Organization
model
• Risk values
• Component
dependency value
• Adjustment risk
values
11
• A quantitative framework for
Schmidt & Albayrak dependency-aware
organizational IT Risk
Management
• Virtual value
• = +∑ ∑ ∈ ( , ) 1 ∏ ∈
• Path on process v
12
• Dynamic Risk Analyses and Dependency-Aware Root Cause Model for Critical Infrastructures
Muller •
•
Risk Monitoring and Intrusion Detection for Industrial Control Systems
13
Eusgeld System-of-systems approach for interdependent critical
infrastructures
• Modular concept in
Risk Analysis
• Consist of 3 levels:
• System of system
• CI
• System
• Still in conceptual
mode
• Compound node promising
• Produce combination attack graph
in cyclic form
14
Omer & Schill Automatic management of cyclic dependency
among web services
15
DARA’s Idea
• Risk dependency on CI
Faster, Rinaldi (CI) vs Sendi
(IS)
• Cyclic Muller
• Broader coverage IS risk analysis
• HLA Eusgeld (CI)
recommended by Ouyang
Conceptual
• Complexity more clearly
• Allow vertical & horizontal
• Compound Node Omer &
Schill
• Threat scenario (Rahmad) speed up
process
• Easy to read
16
DARA’s Model
• Risk(Threat,Asset)=Lik
elihood(Threat)⊗Impac
t(Threat,Asset)
• Fenz vulnerability,
intermediate node for
mapping threat
• Priority likelihood
⊆ ×
A set of all asset
S {C, I, A} 17
Conclusion & Future work
• Conclusion
• Asset dependencies Biggest challenge in risk
analysis
• Qualitative Depend on expert
• Quantitative Cost benefit, easily understood
• Attack graph Flexibility, support cyclic
• Future work
• Evaluation proposed model
• Compare speed and readability
18
Thank You