In order to perform effective analysis of today’s information security systems, numerous components must be taken into consideration. This book presents a well-organized, consistent solution created by the author, which allows for precise multilevel analysis of information security systems and accounts for all of the significant details.
Enabling the multilevel modeling of secure systems, the quality of protection modeling language (QoP-ML) approach provides for the abstraction of security systems while maintaining an emphasis on quality protection. This book introduces the basis of the QoP modeling language along with all the advanced analysis modules, syntax, and semantics. It delineates the steps used in cryptographic protocols and introduces a multilevel protocol analysis that expands current understanding.
- Introduces quality of protection evaluation of IT Systems
- Covers the financial, economic, and CO2 emission analysis phase
- Supplies a multilevel analysis of Cloud-based data centers
- Details the structures for advanced communication modeling and energy analysis
- Considers security and energy efficiency trade-offs for the protocols of wireless sensor network architectures
- Includes case studies that illustrate the QoP analysis process using the QoP-ML
- Examines the robust security metrics of cryptographic primitives
- Compares and contrasts QoP-ML with the PL/SQL, SecureUML, and UMLsec approaches by means of the SEQUAL framework
The book explains the formal logic for representing the relationships between security mechanisms in a manner that offers the possibility to evaluate security attributes. It presents the architecture and API of tools that ensure automatic analysis, including the automatic quality of protection analysis tool (AQoPA), crypto metrics tool (CMTool), and security mechanisms evaluation tool (SMETool).
The book includes a number of examples and case studies that illustrate the QoP analysis process using QoP-ML. Every operation defined by QoP-ML is described in terms of security metric parameters to help you better evaluate the impact of each operation on your system's security.
Table of Contents
Introduction to Multilevel Modeling of Secure Systems
Model Driven Security
Quality of Protection Models
Multi-Level Analysis Scheme
Model-Based Multi-Level Decision Support System
Structure of the Book
Basis of QoP-ML
Data Types
Functions
Equational Rules
Process Types
Message Passing
Synchronous Communication
Control Operators
Condition Statement
Repetition
Other Structures
Security Metrics
Process Instantiation
QoP-ML Base Algorithms
Experimental Validation of the QoP-ML
Case Study: TLS Handshake Protocol with Secure Data Transmission
Protocol Modeling
Security Metrics Definition
Process Instantiation
QoP-ML Processing and QoP Evaluation
Quality of Protection Evaluation of Security Mechanisms
Facts and Rules
Evaluation Rules
Inference Rule
Inference Mechanism
Security Attributes
Conflicts between Rules
Evaluation Rules System
QoP Evaluation Process of Security Mechanisms
Background of the Model
Methodology of QoP Evaluation of Security Mechanisms
Case Study: TLS Handshake Protocol
QoP Modeling
Linking Stage
Configuration Stage
QoP Evaluation Stage
Qualitative Estimation
Formal Model Goals Evaluation
Advanced Communication and Energy Efficiency Modeling
Topology
Connection Definition
Quality of Connections
Transmission Time
Transmission Time – Algorithms Structure
Packet Filtering
Channels
Input and Output Messages
Routing
Energy Analysis
Case Study – Multihop Authentication Protocols for WSN
Direct Join to Sink: DJSorig
Indirect Protocols to Join the Sink
The WSN Protocols Modeling in QoP-ML
Functions
Equations
Channels
Protocol Flow
The Algorithm Structure
Security Metrics
Process Instantiation
WSN protocols Evaluation – Results
Environmental Impact and Financial Costs Analysis
The Financial and Economic Analyses
Cost of Energy Consumption of the Infrastructure
Cost of Cooling Infrastructure Utilization
CO2 Emissions Analysis
Case study – Energy and Environmental Impact Analysis of a Data Center
Scenario
Role-Based Access Control Model in QoP-ML
The Analyses
Reputation Analysis in QoP-ML
Functions
Security metrics
Modules
Case study – Average Reputation System
The Reputation in the QoP-ML – Protocol Modeling
Security Metrics Definition
Reputation Module
Process Instantiation
QoP and Reputation Evaluation
Security metrics – Methodology
The model
Step 1: Information Needs
Step 2: Elaboration of the Object of Measurement and Attributes
Step 3: Validation of the Measurement Method
Step 4: Base Measures Calculations
Step 5: Validation of Base Measures
Step 6: Derived Measures Calculations – Optional Step
Step 7: Validation of Derived Measures – Optional Step
Step 8: Separation of Indicators
Step 9: Analysis of Gathered Measurement Results
Case study – Cryptographic Modules
Step 1: Information Needs
Step 2: Elaboration of the Object of Measurement and Attributes
Step 3: Validation of the Measurement Method
Step 4: Base Measures Specification
Step 5: Validation of Base Measures
Step 6 and 7: Derived Measures Specification and Validation
Step 8: Separation of Indicators
Step 9: Analysis of Measurement Results Gathered
Test of Cryptographic Primitives
Tool Support
AQoPA – Automatic Quality of Protection Analysis Tool
Step 1 – Model Creation
Step 2 – Security Metrics Definition
Step 3 – Scenario Definition
Step 4 – Simulation
SMETool – Security Mechanisms Evaluation Tool
Data Flow Model
Crypto-Metrics Tool (CMTool)
Data Flow
Data Flow Model
Functionality and Usability of QoP-ML
Security Modeling Framework
Semantic Quality
Syntactic Quality
Pragmatic Quality
Methodology Extensions
Assessment of PL/SQL, secureUML and UMLsec
PL/SQL Security Model
SecureUML Model
UMLsec Model
Case Study – RBAC in QoP-ML
RBAC Security Model Prepared in QoP-ML
Assessment of the QoP-ML’s Security Model
Comparison of Security Models in Terms of QoP-ML
Summary
Appendix
BNF of QoP-ML
Base QoP-ML Algorithms
The Data for QoP Evaluation of TLS Protocol
The Rules Definition for TLS Cryptographic Protocol
The Facts Order Definition for the TLS Cryptographic Protocol
The QoP Evaluation Rules Definition for the TLS Cryptographic Protocol
Algorithms for Advanced Communication
Validation Algorithms for Security Metrics
References
Index
Biography
Bogdan Księżopolski is an assistant professor at the Polish-Japanese Academy of Information Technology in Warsaw and Maria Curie-Sklodowska University in Lublin. He received his M.Sc. in computer physics from Maria Curie-Sklodowska University in Lublin and his Ph.D. in computer science from the Polish-Japanese Academy of Information Technology in Warsaw, Poland. His research interests include information security, cryptology, security metrics, security engineering, and cryptographic protocols. He has published over 40 papers on computer security. He is the founder and creator of the Quality of Protection Modeling Language (QoP-ML), which enables multilevel modeling of secure systems.