Combining secure system design with risk assessment for IoT healthcare systems
Conference paper
Kammueller, F. 2019. Combining secure system design with risk assessment for IoT healthcare systems. SPT-IoT'19 - The Third Workshop on Security, Privacy and Trust in the Internet of Things, colocated with IEEE PerCom 2019. Kyoto, Japan 11 - 15 Mar 2019 Institute of Electrical and Electronics Engineers (IEEE). pp. 961-966 https://doi.org/10.1109/PERCOMW.2019.8730776
Type | Conference paper |
---|---|
Title | Combining secure system design with risk assessment for IoT healthcare systems |
Authors | Kammueller, F. |
Abstract | In this paper, we show how to derive formal spec- ifications of secure IoT systems by a process that uses the risk assessment strategy of attack trees on infrastructure models. The models of the infrastructure are logical models in the Isabelle Infrastructure framework. It comprises actors, policies and a state transition of the dynamic evolution of the system. This logical framework also provides attack trees. The process we propose in this paper incrementally uses those two features to refine a system specification until expected security and privacy properties can be proved. Infrastructures allow modeling logical as well as physical elements which makes them well suited for IoT applications. We illustrate the stepwise application of the proposed process in the Isabelle Insider framework on the case study of an IoT healthcare system. |
Conference | SPT-IoT'19 - The Third Workshop on Security, Privacy and Trust in the Internet of Things, colocated with IEEE PerCom 2019 |
Page range | 961-966 |
ISBN | |
Electronic | 9781538691519 |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
Publication dates | |
Online | 06 Jun 2019 |
15 Mar 2019 | |
Publication process dates | |
Deposited | 15 Sep 2020 |
Accepted | 23 Jan 2019 |
Output status | Published |
Accepted author manuscript | |
Copyright Statement | © 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.” |
Digital Object Identifier (DOI) | https://doi.org/10.1109/PERCOMW.2019.8730776 |
Language | English |
Book title | Proceedings 2019 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops) |
https://repository.mdx.ac.uk/item/89105
Download files
58
total views28
total downloads2
views this month0
downloads this month