Skip to content

Scenarios

Jump to bottom
carlos-ballester edited this page Sep 4, 2014 · 10 revisions

Scenarios Menu

The scenarios menu allows the user to run different simulations in order to extract meaningful statistics about risk and threats probabilities, to calculate the cost of a data breach or to use the privacy shield functionality, as presented in the following figure:

Muses GUI scenarios menu

  1. The user requests asset option lets the user to run a single access request simulation.
  2. The multi-agent option allows to run a simulation with several users, assets and amount of access requests per user.
  3. The security incident on asset sub-menu presents the user with an interface where access requests can be flagged as compromised after a simulation or cleared from security incidents.
  4. The data breach calculator option lets the user to compute the cost of a data breach given a certain number of parameters.
  5. Finally the privacy shield sub-menu permits to anonymize access requests for privacy compliance purposes.

Following we will explain the functionality of all these options in detail.

User Requests Asset

Muses GUI asset request simulation menu

In this mode, the user can simulate a single access request coming from a specific user and linked to a given asset of the company. There are many options to fine tune the simulation which we detail following, according to the numbering of the image above:

  1. Selects the asset that is going to be the object of the access request. The asset has always a value attached to it and an automatically generated negative outcome in the case of the asset being compromised, which equals to the negative value of the asset.
  2. Selects the user that is going to perform the access request. Selecting the user also generates automatically an opportunity equal to the hourly salary of that given user multiplied by the number of hours that the user is going to work (currently set to one hour).
  3. Allows for the selection of some other manually added opportunities besides the one that was automatically generated in the previous step.
  4. Enables the selection of several clues (can be zero) attached to the specific access request to simulate. These clues together with the asset and the user conform an specific situation which equals to a potential threat, which can later on materialize or not.
  5. Selects the risk policy to apply to the access decision computation, which will in turn affect its outcome depending on its risk threshold level. By default, there are three predefined policies: take full risk, which always allows the user to access the asset, take medium risk which establishes an average threshold value and take no risk which always denies the access to an asset.
  6. Determines the likelihood that a user will not access the asset because of external distractions or timeouts.
  7. Determines the behaviour of the user regarding whether she will give up if a risk treatment or announcement is presented at the time of requesting an asset.

After adjusting all these parameters the simulation can be run, generating a new access request, a threat specific to the situation, which might have happened already before or might be new, and an access decision based on the threat probability, the cost-benefit of the opportunity weighted against the threat and the selected risk policy.

Multi-Agent Simulation

Muses GUI multi-agent simulation menu

The aim of this simulation is similar to the previous one, but for large scale scenarios. Through the interface, the user can adjust several parameters to fine tune the simulation, that we detail following the numbering of the image above:

  1. Sets the amount of users to simulate, from 1 to 10000 (upper limit for memory reasons), generating them automatically on the fly with a fixed hourly salary of 200 and a trust level either randomly assigned or fixed by the user in option 5.
  2. Sets the amount of different assets to be generated and used in the simulation, from 1 to 10000, generating them with a fixed value of 10000.
  3. Lets the user to specify the amount of access requests each user is going to perform.
  4. Allows to force that each access request of the same user is directed against a different asset each time, global amount of assets permitting.
  5. Sets the trust value for each of the users to be generated, either randomly or all set to a fixed value chosen by the user, from 0 to 1 inclusive.
  6. Sets the % of users who will give up the access request due to distraction.
  7. Sets the % of users who will give up the access request due to excessive risk.
  8. Lets the user to specify whether random risk policies should be used for each access request simulation or a fixed one should be always used.
  9. Sets the likelihood of the asset taking part on an access request being compromised. This flags directly the access requests to compromised or cleared from security incidents for simulation purposes.
  10. Allows to force that each access request of the same user is directed against the same asset each time.
  11. Specifies whether the simulation should take into account opportunities or only threat risks.
  12. Specifies whether the simulation will present the user with a risk treatment in case of excessive risk detected (experimental, not implemented yet).

After adjusting all these parameters the simulation can be run, generating an amount of access requests equal to the amount of users multiplied by the amount of access requests per user, one threat specific to each situation, which might have happened already before or might be new, and access decisions based on the probability of each threat, the cost-benefit of the opportunity weighted against the threat and the selected risk policy.

Security Incident on Asset

Muses GUI security incident menu

This option provides a manual way to flag access requests as compromised or free of security incidents. Its aim is to simulate the detection or absence of a security incident after simulating a single access request from the user requests asset panel. After flagging a request, its associated threat get updated consequently recalculating the amount of total occurrences of the threat and the amount of bad outcomes.

Data Breach Calculator

Muses GUI data breach menu

This panel interfaces with Symantec's Data Breach Calculator, allowing the user to estimate the cost of a data breach given a set of parameters and options and the potential benefit associated with the amount of consultants of the company working regardless of the risk for a given amount of time with the assets to be compromised. It is divided in two sections, as can be seen in the previous figure:

  1. The first section allows to specify the characteristics of the company, the nature of the assets to be compromised and the company's security policies and measures and returns an estimate of the cost that would be incurred were those assets to be compromised.
  2. The second sections allows for a calculation of the benefit yielded by the consultants of the company working for a set amount of hours per month outside the company's premises based on their hourly salary.

Privacy Shield

Muses GUI privacy shield menu

Very similar to the security incident reporting interface, this panel depicted in the image above allows to pick a given access request and anonymize it by removing the user linked to it from both the request and the threat associated to it, while keeping all the rest of the data for probability computation and statistical data purposes. It is used to comply with the privacy laws present in most of the countries, where the data cannot be linked to a given user after a period of time and thus, should be anonymized.

OPPRIM-SIM

  1. Home
  2. OPPRIM
  3. Threats
  4. Opportunities
  5. Assets
  6. Clues
  7. Users
  8. [Risk Communications and Risk Treatments](https://github.com/jmseigneur/opprim-sim/wiki/Risk Communications and Treatments)
  9. [Risk Policies](https://github.com/jmseigneur/opprim-sim/wiki/Risk Policy)
  10. [Access Requests](https://github.com/jmseigneur/opprim-sim/wiki/Access Request)
  11. [Security Incidents](https://github.com/jmseigneur/opprim-sim/wiki/Security Incidents)
  12. Metrics
  13. User Guide
  14. Configure
  15. View
  16. Scenarios
  17. Help
  18. Connection
  19. Extending the Risk and Trust Metric
Clone this wiki locally