On the inability of existing security models to cope with data mobility in dynamic organizations

Share/Save/Bookmark

Dimkov, T. and Tang, Q. and Hartel, P.H. (2008) On the inability of existing security models to cope with data mobility in dynamic organizations. [Report]

open access
[img]
Preview
PDF
988kB
Abstract:Modeling tools like Microsoft's TAM, play an important role in identifying threats in traditional IT systems, where the physical infrastructure and roles are assumed to be static. In dynamic organizations, the mobility of data outside the organizational perimeter causes an increased level of threats such as the loss of confidential data and the loss of reputation. We show that current modeling tools are not powerful enough to help the designer identify the emerging threats due to mobility of data and change of roles, because they do not include the mobility of IT systems nor the organizational dynamics in the security model. Researchers have proposed new security models that particularly focus on data mobility and the dynamics of modern organizations, such as frequent role changes of a person. We show that none of the new security models simultaneously considers the data mobility and organizational dynamics to a satisfactory extent. As a result, none of the new security models effectively identifies the potential security threats caused by data mobility in a dynamic organization.
Item Type:Report
Faculty:
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:http://purl.utwente.nl/publications/64980
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page

Metis ID: 251179