Home > Publications
Home University of Twente
Prospective Students
Intranet (internal)

EEMCS EPrints Service

18189 Portunes: analyzing multi-domain insider threats
Home Policy Brochure Browse Search User Area Contact Help

Dimkov, T. and Pieters, W. and Hartel, P.H. (2010) Portunes: analyzing multi-domain insider threats. Technical Report TR-CTIT-10-39, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625

Full text available as:


379 Kb
Open Access

Exported to Metis


The insider threat is an important problem in securing information systems. Skilful insiders use attack vectors that yield the greatest chance of success, and thus do not limit themselves to a restricted set of attacks. They may use access rights to the facility where the system of interest resides, as well as existing relationships with employees. To secure a system, security professionals should therefore consider attacks that include non-digital aspects such as key sharing or exploiting trust relationships among employees. In this paper, we present Portunes, a framework for security design and audit, which incorporates three security domains: (1) the security of the computer system itself (the digital domain), (2) the security of the location where the system is deployed (the physical domain) and (3) the security awareness of the employees that use the system (the social domain). The framework consists of a model, a formal language and a logic. It allows security professionals to formally model elements from the three domains in a single framework, and to analyze possible attack scenarios. The logic enables formal specification of the attack scenarios in terms of state and transition properties.

Item Type:Internal Report (Technical Report)
Research Group:EWI-DIES: Distributed and Embedded Security, EWI-IS: Information Systems
Research Program:CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:VISPER: The VIrtual Security PERimeter for digital, physical, and organisational security
Uncontrolled Keywords:insider threat, physical security, security awareness, security
ID Code:18189
Deposited On:11 November 2010
More Information:statisticsmetis

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item