Browse > Article
http://dx.doi.org/10.13089/JKIISC.2010.20.1.123

Role Based Petri-Net : Role Based Expression Model for an Efficient Design of Attack Scenarios  

Park, Jun-Sik (Graduate School of Information Management and Security, Korea University)
Cho, Jae-Ik (Graduate School of Information Management and Security, Korea University)
Moon, Jong-Sub (Graduate School of Information Management and Security, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.20, no.1, 2010 , pp. 123-128 More about this Journal
Abstract
Graph expression of attack scenarios is a necessary method for analysis of vulnerability in server as well as the design for defence against attack. Although various requirement analysis model are used for this expression, they are restrictive to express combination of complex scenarios. Role Based Petri Net suggested in this paper offer an efficient expression model based role on Petri Net which has the advantage of concurrency and visuality and can create unknown scenarios.
Keywords
Petri Net; Security; Design; Analysis; RBAC;
Citations & Related Records
연도 인용수 순위
  • Reference
1 C. Girault and R. Valk, "Petri Nets for Systems Engineering," Springer-Verlag, Secaucus. NJ. USA, 597, 2002.
2 G. Helmer, J. Wong, M. Slagell, V. Honavar, L. Miller, Y. Yang, and R. Lutz, "Software Fault Tree and Colored Petri Net Based Specification, Design and Implementation of Agent-Based Intrusion Detection System," Int. J. Information and Computer Security, vol. 1, no. 1/2, pp. 109-142, Jan. 2007.   DOI
3 K. Jensen, "Coloured Petri nets: basic concepts, analysis methods, and practical use, Volume 3," Spinger-Verglag, Berlin, 265, 1997.
4 홍장의, 윤일철, 배두환, "객체지향 페트리넷을 이용한 계층적인 요구사항의 명세 및 검증," 정보과학회논문지, 27(2), pp. 157-167, 2000년 2월.
5 F.D.J. Bowden and M. Davies, "Application of a Role-Based Methodology to Represent Command and Control Processes Using Extended Petri Nets," IEEE International Conference on Systems, Man and Cybernetics, Orlando, Florida, USA, pp. 4348-4353, Oct. 1997.
6 P. Baldan, N. Busi, A. Corradini, and G.M. Pinna, "Functorial concurrent semantics for Petri nets with read and inhibitor arcs," Proceedings of the 11th International Conference on Concurrency Theory, LNCS 1877, pp. 442-457, 2000.
7 T. Murata, "Petri Nets: Properties, Analysis and Applications," Proceedings of IEEE, vol. 77, no. 4, pp. 541-580, Apr. 1989.
8 Y. Ru and W. Wu, "Finite Capacity Place Method Based Deadlock Prevention Algorithm," Journal of System Simulation, vol. 15, pp. 59-62, Aug. 2003.
9 R. Beresh, J. Ciufo, and G. Anders, "Basic fault tree analysis for use in protection reliability," International Journal of Reliability and Safety, vol. 2, no. 1/2, pp. 64-78, Oct. 2008.   DOI