Paper ID# 900425.PDF
MANAGING EVOLVING SECURITY SITUATIONS
Jyri Kivimaa
Cooperative Cyber Defence
Centre of Excellence
Tallinn, Estonia
Andres Ojamaa
Institute of Cybernetics at
Tallinn University of Technology
Tallinn, Estonia
Enn Tyugu
Cooperative Cyber Defence
Centre of Excellence
Tallinn, Estonia
ABSTRACT
A method is described that takes into account the invest-
ments done in the security and/or achieved security con-
fidence in planning new security measures. The method
uses new integral security metrics and the well-known
graded security model. A precondition for the application
of this method is the availability of expert knowledge
or statistical data for the model in use that describes a
class of situations where the analyzed security situation
belongs to. For a number of situations at present, this
information has been extracted from standards of graded
security. For specific military communications applica-
tions the data must be collected from a log analysis of
characteristic attacks and security reports, as well as by
the traditional knowledge acquisition means.
1. INTRODUCTION
The security situation in cyber space is changing rapidly.
This requires continuous analysis of security situations
and continuous security management: selection of se-
curity measures, planning of investments for security
measures groups. Our goal is to provide a method for
planning security measures not only for a fixed time
point, but to do this for a longer time period, possibly, in-
vesting into the security gradually. This paper presents a
method that is an extension of the Pareto-optimal security
situation analysis implemented in an expert system [4]. It
takes into account the legacy systems and security levels
achieved by means of former investments. This enables
one to plan the usage of resources considering evolving
security situations over a longer time period.
Comprehensive security planning is a complex task.
This can be seen from the complexity of standards and
requirements like Common Criteria [7] or ISKE [1].
Standards prescribe minimal required measures, and usu-
ally do not include economic parameters—the costs of
implementing the security measures. A detailed cost-
benefit analysis of cyber security [2] may require months.
An alternative approach is to manage security on the
basis of security requirements. It is efficient, if reason-
ably good expert knowledge of security requirements and
goals is available. We have taken this approach.
A well-known graded security methodology [6, 8] is
based on a comprehensive but coarse grained model, and
provides a way of planning security and calculating costs.
In our paper [4] we have shown how to use the graded
security model for finding optimal solutions depending
on the given security situation. However, a description of
a situation there reflects neither the investments already
done into security nor the levels of security already
achieved. Based on the application of a discrete dy-
namic programming method described in [5], one can
solve rather complex security optimization problems on
ordinary PCs and laptops. This enabled us to extend the
optimization method for longer time intervals, solving
the optimization problem stepwise.
This paper is organized as follows. In the next section we
present briefly the graded security method that provides
the functional dependencies needed for calculations. A
separate section (Section 3) is devoted to the discussion
of the integral security metrics needed for comparing
the solutions. These metrics were introduced for the first
time in [4]. The following Section 4 includes a brief
description of the software used for making calculations.
Section 5 includes a discussion of the influence of the
legacy security on new security solutions. It presents
formulas needed for planning evolving security mea-
sures. Section 6 includes descriptions of solvable legacy
security problems and some solutions.
1 of 7
