1st Edition

Multilevel Modeling of Secure Systems in QoP-ML

By Bogdan Księżopolski Copyright 2016
    262 Pages
    by Auerbach Publications

    262 Pages 53 B/W Illustrations
    by Auerbach Publications

    In order to perform effective analysis of today’s information security systems, numerous components must be taken into consideration. This book presents a well-organized, consistent solution created by the author, which allows for precise multilevel analysis of information security systems and accounts for all of the significant details.

    Enabling the multilevel modeling of secure systems, the quality of protection modeling language (QoP-ML) approach provides for the abstraction of security systems while maintaining an emphasis on quality protection. This book introduces the basis of the QoP modeling language along with all the advanced analysis modules, syntax, and semantics. It delineates the steps used in cryptographic protocols and introduces a multilevel protocol analysis that expands current understanding.

    • Introduces quality of protection evaluation of IT Systems
    • Covers the financial, economic, and CO2 emission analysis phase
    • Supplies a multilevel analysis of Cloud-based data centers
    • Details the structures for advanced communication modeling and energy analysis
    • Considers security and energy efficiency trade-offs for the protocols of wireless sensor network architectures
    • Includes case studies that illustrate the QoP analysis process using the QoP-ML
    • Examines the robust security metrics of cryptographic primitives
    • Compares and contrasts QoP-ML with the PL/SQL, SecureUML, and UMLsec approaches by means of the SEQUAL framework

    The book explains the formal logic for representing the relationships between security mechanisms in a manner that offers the possibility to evaluate security attributes. It presents the architecture and API of tools that ensure automatic analysis, including the automatic quality of protection analysis tool (AQoPA), crypto metrics tool (CMTool), and security mechanisms evaluation tool (SMETool).

    The book includes a number of examples and case studies that illustrate the QoP analysis process by the QoP-ML. Every operation defined by QoP-ML is described within parameters of security metrics to help you better evaluate the impact of each operation on your system's security.

    Introduction to Multilevel Modeling of Secure Systems
    Model Driven Security
    Quality of Protection Models
    Multi-Level Analysis Scheme
    Model-Based Multi-Level Decision Support System
    Structure of the Book

    Basis of QoP-ML
    Data Types
    Functions
    Equational Rules
    Process Types
    Message Passing
         Synchronous Communication
    Control Operators
         Condition Statement
         Repetition
         Other Structures
    Security Metrics
    Process Instantiation
    QoP-ML Base Algorithms
    Experimental Validation of the QoP-ML
    Case Study: TLS Handshake Protocol with Secure Data Transmission 
         Protocol Modeling
         Security Metrics Definition 
         Process Instantiation 
         QoP-ML Processing and QoP Evaluation

    Quality of Protection Evaluation of Security Mechanisms
    Facts and Rules
    Evaluation Rules
    Inference Rule
    Inference Mechanism
    Security Attributes
    Conflicts between Rules
    Evaluation Rules System
    QoP Evaluation Process of Security Mechanisms
    Background of the Model
    Methodology of QoP Evaluation of Security Mechanisms
    Case Study: TLS Handshake Protocol
         QoP Modeling 
         Linking Stage
         Configuration Stage
         QoP evaluation Stage 
         QUALITATIVE Estimation
    Formal Model Goals Evaluation

    Advanced Communication and Energy Efficiency Modeling
    Topology 
         Connection Definition
         Quality of Connections 
         Transmission Time
         Transmission Time – Algorithms Structure
    Packet Filtering
         Channels 
         Input and Output Messages
    Routing
    Energy Analysis
    Case Study – Multihop Authentication Protocols for WSN
         Direct Join to Sink : DJSorig
         Indirect Protocols to Join the Sink
    The WSN Protocols Modeling in QoP-ML
         Functions
         Equations
         Channels
         Protocol Flow
         The Algorithm Structure
         Security Metrics
         Process Instantiation
         WSN protocols Evaluation – Results

    Environmental Impact and Financial Costs Analysis
    The Financial and Economic Analyses
         Cost of Energy Consumption of the Infrastructure
         Cost of Cooling Infrastructure Utilization
    CO2 Emissions Analysis
    Case study – Energy and Environmental Impact Analysis of a Data Center
         Scenario
         Role-Based Access Control Model in QoP-ML
         The Analyses

    Reputation Analysis in QoP-ML
    Functions
    Security metrics
    Modules
    Case study – Average Reputation System
         The Reputation in the QoP-ML – Protocol Modeling
         Security Metrics Definition
         Reputation Module
         Process Instantiation
         QoP and Reputation Evaluation

    Security metrics – Methodology
    The model
         Step 1: Information Needs
         Step 2: Elaboration of the Object of Measurement and Attributes
         Step 3: Validation of the Measurement Method
         Step 4: Base Measures Calculations
         Step 5: Validation of Base Measures
         Step 6: Derived Measures Calculations – Optional Step
         Step 7: Validation of Derived Measures – Optional Step
         Step 8: Separation of Indicators
         Step 9: Analysis of Gathered Measurement Results
    Case study – Cryptographic Modules
         Step 1: Information Needs
         Step 2: Elaboration of the Object of Measurement and Attributes
         Step 3: Validation of the Measurement Method
         Step 4: Base Measures Specification
         Step 5: Validation of Base Measures
         Step 6 and 7 : Derived Measures Specification and Validation
         Step 8: Separation of Indicators
         Step 9: Analysis of Measurement Results Gathered
    Test of Cryptographic Primitives

    Tool Support
    AQoPA – Automatic Quality of Protection Analysis Tool
         Step 1 – Model Creation
         Step 2 – Security Metrics Definition 
         Step 3 – Scenario Definition
         Step 4 – Simulation
    SMETool – Security Mechanisms Evaluation Tool 
         Data Flow Model
    Crypto-Metrics Tool (CMTool)
         Data Flow
         Data Flow Model

    Functionality and Usability of QoP-ML
    Security Modeling Framework
         Semantic Quality
         Syntactic Quality
         Pragmatic Quality
         Methodology Extensions
    Assessment of PL/SQL, secureUML and UMLsec
         PL/SQL Security Model
         SecureUML Model
          UMLsec Model
    Case Study – RBAC in QoP-ML
         RBAC Security Model Prepared in QoP-ML
         Assessment of the QoP-ML’s Security Model
         Comparison of Security Models in Terms of QoP-ML
    Summary

    Appendix
    BNF of QoP-ML
    Base QoP-ML Algorithms
    The Data for QoP Evaluation of TLS Protocol
         The Rules Definition for TLS Cryptographic Protocol
         The Facts Order Definition for the TLS Cryptographic Protocol
         The QoP Evaluation Rules Definition for the TLS Cryptographic Protocol
    Algorithms for Advanced Communication
    Validation Algorithms for Security Metrics
    References
    Index

    Biography

    Bogdan Księżopolski is an assistant professor at the Polish-Japanese Academy of Information Technology in Warsaw and Maria Sklodowska-Curie University in Lublin. He received his M.Sc. in computer physics from Maria Curie-Sklodowska University in Lublin and his Ph.D. in computer science from Polish-Japanese Academy of Information Technology in Warsaw, Poland. His research interests include information security, cryptology, security metrics, security engineering, and cryptographic protocols. He has published over 40 papers on computers security. He is the founder and creator of the Quality of Protection Modeling Language (QoP-ML) which enables multilevel modeling of secure systems.