From reactionary to proactive security: context-aware security policy management and optimization under uncertainty

Chaisiri, Sivadon; Ko, Ryan K.L.

From reactionary to proactive security: context-aware security policy management and optimization under uncertainty

dc.contributor.author	Chaisiri, Sivadon	en_NZ
dc.contributor.author	Ko, Ryan K.L.	en_NZ
dc.coverage.spatial	Tianjin, China	en_NZ
dc.date.accessioned	2017-04-11T22:15:53Z
dc.date.available	2016	en_NZ
dc.date.available	2017-04-11T22:15:53Z
dc.date.issued	2016	en_NZ
dc.description.abstract	At the core of its nature, security is a highly contextual and dynamic challenge. However, current security policy approaches are usually static, and slow to adapt to ever-changing requirements, let alone catching up with reality. In a 2012 Sophos survey, it was stated that a unique malware is created every half a second. This gives a glimpse of the unsustainable nature of a global problem, any improvement in terms of closing the 'time window to adapt' would be a significant step forward. To exacerbate the situation, a simple change in threat and attack vector or even an implementation of the so-called 'bring-your-own-device' paradigm will greatly change the frequency of changed security requirements and necessary solutions required for each new context. Current security policies also typically overlook the direct and indirect costs of implementation of policies. As a result, technical teams often fail to have the ability to justify the budget to the management, from a business risk viewpoint. This paper considers both the adaptive and cost-benefit aspects of security, and introduces a novel context-aware technique for designing and implementing adaptive, optimized security policies. Our approach leverages the capabilities of stochastic programming models to optimize security policy planning, and our preliminary results demonstrate a promising step towards proactive, context-aware security policies.	en_NZ
dc.format.mimetype	application/pdf
dc.identifier.citation	Chaisiri, S., & Ko, R. K. L. (2016). From reactionary to proactive security: context-aware security policy management and optimization under uncertainty. In Proceedings of 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, August 23-26, 2016, Tianjin, China (pp. 535–543). Washington, DC, USA: IEEE Computer Society. https://doi.org/10.1109/TrustCom.2016.0107	en
dc.identifier.doi	10.1109/TrustCom.2016.0107	en_NZ
dc.identifier.isbn	9781509032051	en_NZ
dc.identifier.uri	https://hdl.handle.net/10289/10997
dc.language.iso	en
dc.publisher	IEEE Computer Society	en_NZ
dc.relation.isPartOf	Proceedings of 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications	en_NZ
dc.rights	This is an author’s accepted version of an article published in the Proceedings of 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications. ©2016 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
dc.source	TrustCom 2016	en_NZ
dc.subject	computer science	en_NZ
dc.subject	stochastic programming	en_NZ
dc.subject	context-aware computing	en_NZ
dc.subject	context-aware security	en_NZ
dc.subject	security economics	en_NZ
dc.subject	mathematical optimization	en_NZ
dc.title	From reactionary to proactive security: context-aware security policy management and optimization under uncertainty	en_NZ
dc.type	Conference Contribution
pubs.begin-page	535
pubs.elements-id	193208
pubs.end-page	543
pubs.finish-date	2016-08-26	en_NZ
pubs.organisational-group	/Waikato
pubs.organisational-group	/Waikato/2018 PBRF
pubs.organisational-group	/Waikato/FCMS
pubs.organisational-group	/Waikato/FCMS/2018 PBRF - FCMS
pubs.organisational-group	/Waikato/FCMS/Computer Science
pubs.organisational-group	/Waikato/FCMS/Institute for Security and Crime Science
pubs.place-of-publication	Washington, DC, USA
pubs.publication-status	Published	en_NZ
pubs.start-date	2016-08-23	en_NZ
uow.verification.status	verified

Files

Original bundle

Now showing 1 - 1 of 1

Name:: From Reactionary to Proactive Security Context-Aware Security Policy Management and Optimization Under Uncertainty.pdf
Size:: 327.94 KB
Format:: Adobe Portable Document Format
Description:: Accepted version

Name: From Reactionary to Proactive Security Context-Aware Security Policy Management and Optimization Under Uncertainty.pdf

Size: 327.94 KB

Kind: Adobe PDF

License bundle

Now showing 1 - 1 of 1

Name:: Research Commons Deposit Agreement 2017.pdf
Size:: 188.11 KB
Format:: Adobe Portable Document Format
Description:

Name: Research Commons Deposit Agreement 2017.pdf

Size: 188.11 KB

Kind: Adobe PDF

Collections

Computing and Mathematical Sciences Papers