کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
494360 | 862715 | 2007 | 13 صفحه PDF | دانلود رایگان |
![عکس صفحه اول مقاله: Archetypal behavior in computer security Archetypal behavior in computer security](/preview/png/494360.png)
The purpose of this study is to understand observed behavior and to diagnose and find solutions to issues encountered in organizational computer security using a systemic approach, namely system archetypes. In this paper we show the feasibility of archetypes application and the benefits of simulation. We developed a model and simulation of some aspects of security based on system dynamics principles. The system dynamics simulation model can be used in support of decision-making, training, and teaching regarding the mitigation of computer security risks. In this paper, we combine two archetypes and show the computer security relevance of such combinations. Presented are instances of the archetypes “Escalation”, in which an organization must continuously increase its efforts to counter additional attacker effort; and “Limits to Growth”, in which the gains from an organization’s security efforts plateau or decline due to its limited capacity for security-related tasks. We describe a scenario where these archetypes (individually and combined) can help in diagnosis and understanding, and present simulation of “what-if” scenarios suggesting how an organization might remedy these problems and maximize its gains from security efforts.
Journal: Journal of Systems and Software - Volume 80, Issue 10, October 2007, Pages 1594–1606