Representing Humans in System Security Models: An Actor-Network Approach
Wolter Pieters
University of Twente
Enschede, The Netherlands
w.pieters@utwente.nl
Abstract
System models to assess the vulnerability of information systems to security threats typically represent a physical infrastructure (buildings) and a digital infrastructure (computers and networks), in combination with an attacker traversing the system while acquiring credentials. Other humans are generally not included, as their behavior is considered more difficult to express. We propose a graph-based reference model for reasoning about access in system models including human actions, inspired by the sociological actor-network theory, treating humans and non-humans symmetrically. This means that humans can employ things to gain access (an attacker gains access to a room by means of a key), but things can also employ humans to gain access (a USB stick gains access to a computer by means of an employee), leading to a simple but expressive model. The model has the additional advantage that it is not based on containment, an increasingly problematic notion in the age of disappearing boundaries between systems. Based on the reference model, we discuss algorithms for finding attacks, as well as examples. The reference model can serve as a starting point for discussing representations of human behavior in system models, and for including human behavior in other than graph-based approaches.
Keywords: actor-network theory, containment, hypergraphs, security modelling, socio-technical systems, vulnerability analysis
Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Vol. 2, No. 1, pp. 75-92, June 2011
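A minimal sketch of the symmetric access idea the abstract describes, added here as an illustration and not taken from the paper. The rule semantics (a rule fires when the actor can access the means and the means can access the target), the entity names and the initial facts are all assumptions constructed for this example.

```python
from collections import namedtuple

# "actor gains access to target by means of means". Humans and things can fill
# any role, mirroring the symmetric treatment described in the abstract.
Employ = namedtuple("Employ", "actor means target")

def derive_access(initial, rules):
    """Close the access relation under the rules (fixed point).
    Assumed semantics, not the paper's formal definition: a rule fires once
    (actor, means) and (means, target) are both in the access relation."""
    access = {pair: None for pair in initial}  # pair -> rule that derived it
    changed = True
    while changed:
        changed = False
        for r in rules:
            pair = (r.actor, r.target)
            if pair not in access and (r.actor, r.means) in access \
                    and (r.means, r.target) in access:
                access[pair] = r
                changed = True
    return access

def explain(access, actor, target):
    """Ordered rules that yield (actor, target); [] for a fact, None if absent."""
    if (actor, target) not in access:
        return None
    rule = access[(actor, target)]
    if rule is None:
        return []
    return (explain(access, rule.actor, rule.means)
            + explain(access, rule.means, rule.target) + [rule])

# Constructed scenario built from the abstract's two illustrations.
FACTS = {
    ("attacker", "key"), ("key", "room"),    # attacker holds a key that opens the room
    ("attacker", "usb_stick"),                # attacker prepares the stick
    ("usb_stick", "employee"),                # employee picks the stick up
    ("employee", "computer"),                 # employee is authorised on the computer
}
RULES = [
    Employ("attacker", "usb_stick", "computer"),  # human employs thing
    Employ("usb_stick", "employee", "computer"),  # thing employs human
    Employ("attacker", "key", "room"),
]

if __name__ == "__main__":
    access = derive_access(FACTS, RULES)
    for step in explain(access, "attacker", "computer"):
        print(f"{step.actor} reaches {step.target} by means of {step.means}")
```

Dropping a fact such as `("usb_stick", "employee")` and re-running `derive_access` shows which derived accesses a given control would remove.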