Formal modeling and analysis with humans in infrastructures for IoT health care systems

Kammueller, Florian ORCID: https://orcid.org/0000-0001-5839-5488 (2017) Formal modeling and analysis with humans in infrastructures for IoT health care systems. Human Aspects of Information Security, Privacy and Trust: 5th International Conference, HAS 2017, Held as Part of HCI International 2017, Vancouver, BC, Canada, July 9-14, 2017, Proceedings. In: 5th International Conference on Human Aspects of Security, Privacy and Trust, HCII-HAS 2017, 09-14 Jul 2017, Vancouver, BC, Canada. ISBN 9783319584591. ISSN 0302-9743 [Conference or Workshop Item] (doi:10.1007/978-3-319-58460-7_24)

Preview

PDF - Final accepted version (with author's formatting) Download (383kB) | Preview

Abstract

In this paper, we integrate previously developed formal methods to model infrastructure, actors, and policies of human centric infrastructures in order to analyze security and privacy properties. A fruitful approach for discovering attacks on human centric infrastructure models is invalidation of global policies. Invalidating global policies by a complete exploration of the state space can be realized by modelchecking. To counter the state explosion problem inherent in modelchecking, Higher Order Logic (HOL) supported by the interactive theorem prover Isabelle can be used to emulate modelchecking. In addition, the Isabelle Insider framework supports modeling and analysis of human centric infrastructures including attack trees. In this paper, we investigate how Isabelle modelchecking might help to improve detection of attack traces and re-finement of attack tree analysis. To this end, we use a case study from security and privacy of IoT devices in the health care sector as proposed in the CHIST-ERA project SUCCESS.

Actions (login required)

View Item

Statistics

DownloadsShow export options

Export as CSVXMLJSON

Activity Overview

6 month trend

320Downloads

6 month trend

410Hits

Additional statistics are available via IRStats2.