Saved in:
Bibliographic Details
Main Authors: Liang, Qishen, Mirkovic, Jelena, Kocoloski, Brian
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2509.00266
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866909893756190720
author Liang, Qishen
Mirkovic, Jelena
Kocoloski, Brian
author_facet Liang, Qishen
Mirkovic, Jelena
Kocoloski, Brian
contents Academic and research cyberinfrastructures (AR-CIs) present unique security challenges due to their collaborative nature, heterogeneous components, and the lack of practical security assessment frameworks tailored to their needs. We propose Cyber Infrastructure Security Analysis Framework (CISAF) -- a simple, systematic, mission-centric approach to analyze the security posture of a CI and prioritize mitigation actions. CISAF guides administrators through a top-down process: (1) defining unacceptable losses, (2) identifying associated system hazards and critical assets, (3) analyzing possible attack paths that target these critical assets, and (4) analyzing security mechanisms that lie on these attack paths. By combining information about the CI architecture, mission, attack vectors, and security mechanisms, CISAF provides a clear overview of potential security risks and offers valuable information to prioritize mitigation actions.
format Preprint
id arxiv_https___arxiv_org_abs_2509_00266
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle CISAF: A Framework for Estimating the Security Posture of Academic and Research Cyberinfrastructure
Liang, Qishen
Mirkovic, Jelena
Kocoloski, Brian
Cryptography and Security
Academic and research cyberinfrastructures (AR-CIs) present unique security challenges due to their collaborative nature, heterogeneous components, and the lack of practical security assessment frameworks tailored to their needs. We propose Cyber Infrastructure Security Analysis Framework (CISAF) -- a simple, systematic, mission-centric approach to analyze the security posture of a CI and prioritize mitigation actions. CISAF guides administrators through a top-down process: (1) defining unacceptable losses, (2) identifying associated system hazards and critical assets, (3) analyzing possible attack paths that target these critical assets, and (4) analyzing security mechanisms that lie on these attack paths. By combining information about the CI architecture, mission, attack vectors, and security mechanisms, CISAF provides a clear overview of potential security risks and offers valuable information to prioritize mitigation actions.
title CISAF: A Framework for Estimating the Security Posture of Academic and Research Cyberinfrastructure
topic Cryptography and Security
url https://arxiv.org/abs/2509.00266