The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Inter-dependency evaluation through quantitative approaches is one of the open challenges in Critical Infrastructure Protection. The incapability to conduct appropriate networks inter-dependencies measurements undermines the possibility that the Critical Infrastructures protection programs can correctly assign resources and efforts for mitigation solutions targeted to the most important risks. ...
Recently, organizations around the world are becoming aware of the need to run risk management programs in order to enhance their information security. However, the majority of the existing qualitative/empirical methods fail to adhere to the terminology defined by ISO 27000-series and treat deliberate threats in a misleading way. In this paper, a quantitative risk analysis approach for deliberate...
IRRIIS was an EU FP6 IST Integrated Project on “Integrated Risk Reduction of Information-based Infrastructure Systems”. Whereas single Critical Infrastructures are well understood and managed today, dependencies and interdependencies between them are still a widely open issue within the same domain and across different domains. IRRIIS was focused on a comprehensive methodology, on integrated models...
In the last decade there has been a series of severe large scale power outages around the world. Deregulation and increasing interconnection among grids have left a complex topographical landscape of organizations and technology that spans traditional borders. Two examples are the 2003 outages in Italy and North America. Both these cases left more than fifty million people without power. As part of...
A way of controlling a cascading effect caused by a failure or a threat in a critical system is using intelligent mechanisms capable of predicting anomalous behaviours and also capable of reacting against them in advance. These mechanisms are known as Early Warning Systems (EWSs) and this will be precisely the main topic of this paper. More specifically, we present in this paper an EWS design based...
In this paper, we demonstrate the use of Reverse-111, a proactive crowd sourcing system which takes into account the fact that several users might be co-located with an emergency and can be contacted by an Emergency Response Centre (ERC), to provide relevant and useful information pertaining to an emergency situation. We have co-developed a variety of first responder agents who can participate within...
As the Internet continues to emerge as a critical information infrastructure, IT early warning systems (IT-EWS) have taken on greater importance in protecting both its endpoints and the infrastructure itself. Although it is generally accepted that open sharing of cyber data and warnings between the independent (but mutually vulnerable) endpoints promotes broader situational awareness, such openness...
Conventional adversary models used in the analysis of cryptographic protocols such as the Dolev-Yao model and variants rely on a simple communication model in which an adversary fully participates in network communication. In the case of control (supervisory control and data acquisition, SCADA) systems, this set of assumptions can lead to undesirable results as constraints on communication affect...
Over the last years Cloud Computing has been seen as an emerging technology, which has changed the way computing services are delivered. Cloud computing is not a new technology paradigm, but rather introduces a new way of delivering computing services and resources. On top of its potential value and the several advantages it offers, we can foresee a number of drawbacks of cloud computing, in terms...
Traditional cyber-security countermeasures are inadequate for protecting modern Industrial Critical Infrastructures. In this paper we present an innovative filtering technique for industrial protocols based on the state analysis of the system being monitored. Since we focus our attention on the system behavior rather than on modeling the behavior of the possible attackers, this approach enables the...
Voice over IP (VoIP) is a key technology, which provides new ways of communication. It enables the transmission of telephone calls over the Internet, which delivers economical telephony that can clearly benefit both consumers and businesses, but it also provides a cheap method of mass advertising. Those bulks unsolicited calls are known as SPam over Internet Telephony (SPIT). In this paper we illustrate...
Today’s Critical Infrastructures (CI) are highly interdependent in order to deliver their services with the required level of quality and availability. Information exchange among interdependent CI plays a major role in CI protection and risk prevention for interconnected CI were cascading effects might occur because of their interdependencies. This paper addresses the problem of the quality of information...
There is little doubt that the proper functioning of our modern society depends upon cyberspace, and that the continued growth in appetite for new technology and the potential benefits associated with it shows little sign of abating. Unfortunately the reality of modern information and communications systems involves a complex array of hardware, middleware, software, communications protocols and services,...
This paper presents first an ontology of risk for interdependent and heterogeneous Critical Infrastructures (CIs). It defines a data structure called Service Quality Descriptor (SQD) specifying the degradation of QoS over time, which should be shared between interconnected CI. SQD are shared in real time and contain a precise prediction of the future quality of service, so that this sharing can be...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.