DocumentCode :
2428429
Title :
Towards Automation of Privacy and Security Risks Analysis in Identity Management Systems
Author :
Paintsil, Ebenezer
Author_Institution :
Norwegian Comput. Center, Oslo, Norway
fYear :
2013
fDate :
16-18 July 2013
Firstpage :
720
Lastpage :
727
Abstract :
Currently, risk analysis methods for identity management systems (IDMSs) mainly rely on manual inspections. Manual inspection is time consuming and expensive. This article introduces the executable model-based risk analysis method (EM-BRAM) with the aim of automating privacy and security risks analysis in IDMSs. The EM-BRAM identifies risk factors inherent in IDMSs and uses them as inputs to a colored petri nets (CPNs) model of a targeted IDMS. It then verifies the system´s risk using CPNs´ state space analysis and queries. We apply the method to analyze privacy and security risk in the OpenID IDMS.
Keywords :
Petri nets; data privacy; risk analysis; CPN; EM-BRAM; OpenID IDMS; colored Petri nets; executable model-based risk analysis method; identity management systems; manual inspection; privacy risk analysis automation; security risk analysis automation; Analytical models; Manuals; Privacy; Protocols; Risk analysis; Security; Unified modeling language; Privacy; analysis; identity; management; risk; security;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on
Conference_Location :
Melbourne, VIC
Type :
conf
DOI :
10.1109/TrustCom.2013.87
Filename :
6680907
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2428429
بازگشت