Search Results

Documents authored by Gollmann, Dieter


Document
Socio-Technical Security Metrics (Dagstuhl Seminar 14491)

Authors: Dieter Gollmann, Cormac Herley, Vincent Koenig, Wolter Pieters, and Martina Angela Sasse

Published in: Dagstuhl Reports, Volume 4, Issue 12 (2015)


Abstract
This report documents the program and the outcomes of Dagstuhl Seminar 14491 "Socio-Technical Security Metrics". In the domain of safety, metrics inform many decisions, from the height of new dikes to the design of nuclear plants. We can state, for example, that the dikes should be high enough to guarantee that a particular area will flood at most once every 1000 years. Even when considering the limitations of such numbers, they are useful in guiding policy. Metrics for the security of information systems have not reached the same maturity level. This is partly due to the nature of security risk, in which an adaptive attacker rather than nature causes the threat events. Moreover, whereas the human factor may complicate safety and security procedures alike, in security this "weakest link" may be actively exploited by an attacker, such as in phishing or social engineering. In order to measure security at the level of socio-technical systems, one therefore needs to compare online hacking against such social manipulations, since the attacker may simply take the easiest path. In this seminar, we searched for suitable metrics that allow us to estimate information security risk in a socio-technical context, as well as the costs and effectiveness of countermeasures. Working groups addressed different topics, including security as a science, testing and evaluation, social dynamics, models and economics. The working groups focused on three main questions: what are we interested in, how to measure it, and what to do with the metrics.

Cite as

Dieter Gollmann, Cormac Herley, Vincent Koenig, Wolter Pieters, and Martina Angela Sasse. Socio-Technical Security Metrics (Dagstuhl Seminar 14491). In Dagstuhl Reports, Volume 4, Issue 12, pp. 1-28, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2015)



@Article{gollmann_et_al:DagRep.4.12.1,
  author =	{Gollmann, Dieter and Herley, Cormac and Koenig, Vincent and Pieters, Wolter and Sasse, Martina Angela},
  title =	{{Socio-Technical Security Metrics (Dagstuhl Seminar 14491)}},
  pages =	{1--28},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2015},
  volume =	{4},
  number =	{12},
  editor =	{Gollmann, Dieter and Herley, Cormac and Koenig, Vincent and Pieters, Wolter and Sasse, Martina Angela},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagRep.4.12.1},
  URN =		{urn:nbn:de:0030-drops-49744},
  doi =		{10.4230/DagRep.4.12.1},
  annote =	{Keywords: Security risk management, security metrics, socio-technical security, social engineering, multi-step attacks, return on security investment}
}
Document
Evaluating On-line Model Checking in UPPAAL-SMC using a Laser Tracheotomy Case Study

Authors: Xintao Ma, Jonas Rinast, Sibylle Schupp, and Dieter Gollmann

Published in: OASIcs, Volume 36, 5th Workshop on Medical Cyber-Physical Systems (2014)


Abstract
On-line model checking is a variant of model checking that evaluates properties of a system concurrently while deployed, which allows overcoming limitations of inaccurate system models. In this paper we conduct a laser tracheotomy case study to evaluate the feasibility of using the statistical model checker UPPAAL-SMC for on-line model checking in a medical application. Development of automatic on-line model checking relies on the precision of the prediction and real-time capabilities as real-time requirements must be met. We evaluate the case study with regards to these qualities and our results show that using UPPAAL-SMC in an on-line model checking context is practical: relative prediction errors were only 2% on average and guarantees could be established within reasonable time during our experiments.

Cite as

Xintao Ma, Jonas Rinast, Sibylle Schupp, and Dieter Gollmann. Evaluating On-line Model Checking in UPPAAL-SMC using a Laser Tracheotomy Case Study. In 5th Workshop on Medical Cyber-Physical Systems. Open Access Series in Informatics (OASIcs), Volume 36, pp. 100-112, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2014)



@InProceedings{ma_et_al:OASIcs.MCPS.2014.100,
  author =	{Ma, Xintao and Rinast, Jonas and Schupp, Sibylle and Gollmann, Dieter},
  title =	{{Evaluating On-line Model Checking in UPPAAL-SMC using a Laser Tracheotomy Case Study}},
  booktitle =	{5th Workshop on Medical Cyber-Physical Systems},
  pages =	{100--112},
  series =	{Open Access Series in Informatics (OASIcs)},
  ISBN =	{978-3-939897-66-8},
  ISSN =	{2190-6807},
  year =	{2014},
  volume =	{36},
  editor =	{Turau, Volker and Kwiatkowska, Marta and Mangharam, Rahul and Weyer, Christoph},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/OASIcs.MCPS.2014.100},
  URN =		{urn:nbn:de:0030-drops-45279},
  doi =		{10.4230/OASIcs.MCPS.2014.100},
  annote =	{Keywords: On-line Model Checking, Laser Tracheotomy, UPPAAL-SMC, Patient-in-the-loop}
}
Document
Organizational Processes for Supporting Sustainable Security (Dagstuhl Seminar 12501)

Authors: Lizzie Coles-Kemp, Carrie Gates, Dieter Gollmann, Sean Peisert, and Christian Probst

Published in: Dagstuhl Reports, Volume 2, Issue 12 (2013)


Abstract
This report documents the program and the outcomes of Dagstuhl Seminar 12501 "Organizational Processes for Supporting Sustainable Security" which ran from December 9 to 12, 2012 and was held in Schloss Dagstuhl – Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. We also ran a number of collaborative sessions designed to promote the development of design principles for sustainably secure organizational processes. The first section describes the seminar topics and goals in general. The following section contains abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas.

Cite as

Lizzie Coles-Kemp, Carrie Gates, Dieter Gollmann, Sean Peisert, and Christian Probst. Organizational Processes for Supporting Sustainable Security (Dagstuhl Seminar 12501). In Dagstuhl Reports, Volume 2, Issue 12, pp. 37-48, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2013)



@Article{coleskemp_et_al:DagRep.2.12.37,
  author =	{Coles-Kemp, Lizzie and Gates, Carrie and Gollmann, Dieter and Peisert, Sean and Probst, Christian},
  title =	{{Organizational Processes for Supporting Sustainable Security (Dagstuhl Seminar 12501)}},
  pages =	{37--48},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2013},
  volume =	{2},
  number =	{12},
  editor =	{Coles-Kemp, Lizzie and Gates, Carrie and Gollmann, Dieter and Peisert, Sean and Probst, Christian},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagRep.2.12.37},
  URN =		{urn:nbn:de:0030-drops-39881},
  doi =		{10.4230/DagRep.2.12.37},
  annote =	{Keywords: Insider threat, Organizational Process, Resilience, Security Policy}
}
Document
10341 Abstracts Collection – Insider Threats: Strategies for Prevention, Mitigation, and Response

Authors: Matt Bishop, Lizzie Coles-Kemp, Dieter Gollmann, Jeffrey Hunker, and Christian W. Probst

Published in: Dagstuhl Seminar Proceedings, Volume 10341, Insider Threats: Strategies for Prevention, Mitigation, and Response (2010)


Abstract
From August 22 to 26, 2010, the Dagstuhl Seminar 10341 "Insider Threats: Strategies for Prevention, Mitigation, and Response" was held in Schloss Dagstuhl – Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available.

Cite as

Matt Bishop, Lizzie Coles-Kemp, Dieter Gollmann, Jeffrey Hunker, and Christian W. Probst. 10341 Abstracts Collection – Insider Threats: Strategies for Prevention, Mitigation, and Response. In Insider Threats: Strategies for Prevention, Mitigation, and Response. Dagstuhl Seminar Proceedings, Volume 10341, pp. 1-12, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2010)



@InProceedings{bishop_et_al:DagSemProc.10341.1,
  author =	{Bishop, Matt and Coles-Kemp, Lizzie and Gollmann, Dieter and Hunker, Jeffrey and Probst, Christian W.},
  title =	{{10341 Abstracts Collection – Insider Threats: Strategies for Prevention, Mitigation, and Response}},
  booktitle =	{Insider Threats: Strategies for Prevention, Mitigation, and Response},
  pages =	{1--12},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2010},
  volume =	{10341},
  editor =	{Matt Bishop and Lizzie Coles-Kemp and Dieter Gollmann and Jeff Hunker and Christian W. Probst},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.10341.1},
  URN =		{urn:nbn:de:0030-drops-29046},
  doi =		{10.4230/DagSemProc.10341.1},
  annote =	{Keywords: Insider Threat, Security Policies, Threat Modelling}
}
Document
10341 Report – Insider Threats: Strategies for Prevention, Mitigation, and Response

Authors: Matt Bishop, Lizzie Coles-Kemp, Dieter Gollmann, Jeffrey Hunker, and Christian W. Probst

Published in: Dagstuhl Seminar Proceedings, Volume 10341, Insider Threats: Strategies for Prevention, Mitigation, and Response (2010)


Abstract
This article summarizes the objectives and structure of a seminar with the same title, held from August 22nd to 26th, 2010, at Schloss Dagstuhl, Germany. The seminar brought together researchers and policy-makers from quite diverse communities, to make progress towards an integrated framework for understanding insider threats and their interaction with organizations and policies. During the seminar, social and organizational factors relevant to insider threats were discussed, as well as urgent questions in four areas: synthesizing social science and technical research, metrics and assurance, language formulations and ontology, and the threats facing intangible systems. This report gives an overview of the discussions and presentations during the week, as well as the outcome of these discussions.

Cite as

Matt Bishop, Lizzie Coles-Kemp, Dieter Gollmann, Jeffrey Hunker, and Christian W. Probst. 10341 Report – Insider Threats: Strategies for Prevention, Mitigation, and Response. In Insider Threats: Strategies for Prevention, Mitigation, and Response. Dagstuhl Seminar Proceedings, Volume 10341, pp. 1-13, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2010)



@InProceedings{bishop_et_al:DagSemProc.10341.2,
  author =	{Bishop, Matt and Coles-Kemp, Lizzie and Gollmann, Dieter and Hunker, Jeffrey and Probst, Christian W.},
  title =	{{10341 Report – Insider Threats: Strategies for Prevention, Mitigation, and Response}},
  booktitle =	{Insider Threats: Strategies for Prevention, Mitigation, and Response},
  pages =	{1--13},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2010},
  volume =	{10341},
  editor =	{Matt Bishop and Lizzie Coles-Kemp and Dieter Gollmann and Jeff Hunker and Christian W. Probst},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.10341.2},
  URN =		{urn:nbn:de:0030-drops-29033},
  doi =		{10.4230/DagSemProc.10341.2},
  annote =	{Keywords: Insider Threat, Security Policies, Threat Modelling}
}
Document
08302 Abstracts Collection – Countering Insider Threats

Authors: Matt Bishop, Dieter Gollmann, Jeffrey Hunker, and Christian W. Probst

Published in: Dagstuhl Seminar Proceedings, Volume 8302, Countering Insider Threats (2008)


Abstract
From July 20 to July 25, 2008, the Dagstuhl Seminar 08302 "Countering Insider Threats" was held in Schloss Dagstuhl – Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available.

Cite as

Matt Bishop, Dieter Gollmann, Jeffrey Hunker, and Christian W. Probst. 08302 Abstracts Collection – Countering Insider Threats. In Countering Insider Threats. Dagstuhl Seminar Proceedings, Volume 8302, pp. 1-10, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)



@InProceedings{bishop_et_al:DagSemProc.08302.1,
  author =	{Bishop, Matt and Gollmann, Dieter and Hunker, Jeffrey and Probst, Christian W.},
  title =	{{08302 Abstracts Collection – Countering Insider Threats}},
  booktitle =	{Countering Insider Threats},
  pages =	{1--10},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8302},
  editor =	{Matt Bishop and Dieter Gollmann and Jeffrey Hunker and Christian W. Probst},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.08302.1},
  URN =		{urn:nbn:de:0030-drops-17960},
  doi =		{10.4230/DagSemProc.08302.1},
  annote =	{Keywords: Insider Threat, Security Policies, Threat Modelling}
}
Document
08302 Summary – Countering Insider Threats

Authors: Christian W. Probst, Jeffrey Hunker, Matt Bishop, and Dieter Gollmann

Published in: Dagstuhl Seminar Proceedings, Volume 8302, Countering Insider Threats (2008)


Abstract
This article summarizes the objectives and structure of a seminar with the same title, held from July 20th to July 25th, 2008, at Schloss Dagstuhl, Germany. The seminar brought together researchers and policy-makers from all involved communities, to clarify what it is that identifies an insider threat, and to develop a common vision of how an insider can be categorized as well as an integrated approach that allows a qualitative reasoning about the threat and the possibilities of attacks. This report gives an overview of the discussions and presentations during the week, as well as the outcome of these discussions.

Cite as

Christian W. Probst, Jeffrey Hunker, Matt Bishop, and Dieter Gollmann. 08302 Summary – Countering Insider Threats. In Countering Insider Threats. Dagstuhl Seminar Proceedings, Volume 8302, pp. 1-18, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)



@InProceedings{probst_et_al:DagSemProc.08302.2,
  author =	{Probst, Christian W. and Hunker, Jeffrey and Bishop, Matt and Gollmann, Dieter},
  title =	{{08302 Summary – Countering Insider Threats}},
  booktitle =	{Countering Insider Threats},
  pages =	{1--18},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8302},
  editor =	{Matt Bishop and Dieter Gollmann and Jeffrey Hunker and Christian W. Probst},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.08302.2},
  URN =		{urn:nbn:de:0030-drops-17937},
  doi =		{10.4230/DagSemProc.08302.2},
  annote =	{Keywords: Insider threat, workshop report}
}