The layered security model: Analysis of systems from the conceptual, logical and physical viewpoints

Most security models are only suitable for limited problem domains, and are incomplete, as they do not consider all the ways security issues can arise. We have developed a practical security model that can be used to analyse systems more systematically, match more faithfully to their requirements, and which has widespread application. The model has three layers, which are the semantic (involving people), logical (computers) and physical layers including the relationships and interactions between them. This allows the analysis of systems in their entirety including human and physical factors, not just as technical systems. The model also has a horizontal constituent to represent the separate conceptual scope and connectivity of systems and entities at different layers. The model is intended to help in analysing, designing and configuring systems that can possibly be compromised at all three layers. It has application to broad problem domains such as critical infrastructure protection and specific business contexts such as banking applications. In addition, it can be used on a smaller scale to analyse components of systems or to investigate specific vulnerabilities. We examine the system of credit card transactions on the Internet to demonstrate the benefits of the model.