Next Article in Journal
Seismic Damage Identification Method for Curved Beam Bridges Based on Wavelet Packet Norm Entropy
Next Article in Special Issue
A Robust Dirichlet Reputation and Trust Evaluation of Nodes in Mobile Ad Hoc Networks
Previous Article in Journal
Oxygen Imaging for Non-Invasive Metastasis Detection
Previous Article in Special Issue
Intelligent Techniques for Detecting Network Attacks: Review and Research Directions
 
 
Article

An Adaptive, Situation-Based Risk Assessment and Security Enforcement Framework for the Maritime Sector

1
SecLab, Department of Informatics, University of Piraeus, Karaoli & Dimitriou 80, 18534 Piraeus, Greece
2
Institut de Recherche en Informatique de Toulouse (IRIT), Université Paul Sabatier, 31062 Toulouse, France
*
Authors to whom correspondence should be addressed.
These authors contributed equally to this work.
Academic Editors: Alexios Mylonas and Nikolaos Pitropakis
Sensors 2022, 22(1), 238; https://doi.org/10.3390/s22010238
Received: 15 November 2021 / Revised: 15 December 2021 / Accepted: 22 December 2021 / Published: 29 December 2021
(This article belongs to the Collection Cyber Situational Awareness in Computer Networks)
Maritime processes involve actors and systems that continuously change their underlying environment, location and threat exposure. Thus, risk mitigation requires a dynamic risk assessment process, coupled with an adaptive, event driven security enforcement mechanism, to efficiently deal with dynamically evolving risks in a cost efficient manner. In this paper, we propose an adaptive security framework that covers both situational risk assessment and situational driven security policy deployment. We extend MITIGATE, a maritime-specific risk assessment methodology, to capture situations in the risk assessment process and thus produce fine-grained and situation-specific, dynamic risk estimations. Then, we integrate DynSMAUG, a situation-driven security management system, to enforce adaptive security policies that dynamically implement security controls specific to each situation. To validate the proposed framework, we test it based on maritime cargo transfer service. We utilize various maritime specific and generic systems employed during cargo transfer, to produce dynamic risks for various situations. Our results show that the proposed framework can effectively assess dynamic risks per situation and automate the enforcement of adaptive security controls per situation. This is an important improvement in contrast to static and situation-agnostic risk assessment frameworks, where security controls always default to worst-case risks, with a consequent impact on the cost and the applicability of proper security controls. View Full-Text
Keywords: adaptive security; event management and analytics; situation-based risk assessment; situational policy elicitation and enforcement adaptive security; event management and analytics; situation-based risk assessment; situational policy elicitation and enforcement
Show Figures

Figure 1

MDPI and ACS Style

Grigoriadis, C.; Laborde, R.; Verdier, A.; Kotzanikolaou, P. An Adaptive, Situation-Based Risk Assessment and Security Enforcement Framework for the Maritime Sector. Sensors 2022, 22, 238. https://doi.org/10.3390/s22010238

AMA Style

Grigoriadis C, Laborde R, Verdier A, Kotzanikolaou P. An Adaptive, Situation-Based Risk Assessment and Security Enforcement Framework for the Maritime Sector. Sensors. 2022; 22(1):238. https://doi.org/10.3390/s22010238

Chicago/Turabian Style

Grigoriadis, Christos, Romain Laborde, Antonin Verdier, and Panayiotis Kotzanikolaou. 2022. "An Adaptive, Situation-Based Risk Assessment and Security Enforcement Framework for the Maritime Sector" Sensors 22, no. 1: 238. https://doi.org/10.3390/s22010238

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop