Technical gazette, Vol. 20 No. 2, 2013.
Preliminary communication
An approach to the assessment of potentially risky behaviour of ICT systems’ users
Krešimir Šolić; J. J. Strossmayer University of Osijek, Faculty of Medicine, Department of Biophysics, Medical Statistics and Medical Informatics, Josipa Huttlera 4, HR-31000 Osijek, Croatia
Franjo Jović; J. J. Strossmayer University of Osijek, Faculty of Electrical Engineering, Department of Computer Science, Kneza Trpimira b.b., HR-31000 Osijek, Croatia
Damir Blažević; J. J. Strossmayer University of Osijek, Faculty of Electrical Engineering, Department of Computer Science, Kneza Trpimira b.b., HR-31000 Osijek, Croatia
Abstract
The user of an Information and Communication Technology (ICT) system should be considered a component of the system, because the user's behaviour can significantly affect the system's security level. The aim of this paper is to develop an assessment method for the user's potentially risky behaviour. Ontology and the OWL symbolic language were chosen to define the semantic model and to formalize the knowledge of the domain "user's potentially risky behaviour". The Evidential Reasoning algorithm was chosen for the assessment of the user's behaviour. The normalized results of the assessment of the user's behaviour give an interval ranging from 0,066 for the "naïve" user to 1,000 for the "paranoid" system's user, which can be used for reference in future work. This paper shows how to use the Evidential Reasoning algorithm to evaluate the human part of a technical system, and how to evaluate a group of users instead of an individual evaluation. Furthermore, the conditions required to map the algorithm to the ontological structure are defined.
Keywords
e-mail; evidential reasoning; ICT system; ontology; security; user's behaviour
Hrčak ID: 100256
Publication date: 15.4.2013.