Modeling the Symptomatic Fixes Archetype in Enterprise Computer Security

TitleModeling the Symptomatic Fixes Archetype in Enterprise Computer Security
Publication TypeConference Papers
Year of Publication2006
AuthorsRosenfeld SN, Rus I, Cukier M
Date Published2006/09//
Keywordsbusiness data processing, decision making, decision-making, enterprise computer security, human factors, security of data, security-risk mitigation, symptomatic fixes archetype modeling, system dynamics model, system modeling
Abstract

To support decision-making for security-risk mitigation and the appropriate selection of security countermeasures, we propose a system dynamics model of the security aspects of an enterprise system. We developed such an executable model, incorporating the concept of archetypes. We present here one archetype for computer security, namely symptomatic fixes (or shifting the burden). Using simulation, we show one instance of how this archetype can be used for recognizing and diagnosing typical situations, as well as for fixing problems. The global effects of changes and behavioral trends are examined, and other instances of symptomatic fixes in security are described as well

DOI10.1109/COMPSAC.2006.62