This course cover issues related to the modeling of information security risks for complex systems. The first part of the course will focus on problems related to security policy modeling (foundational results related to protection systems, access control models, ...). The second part will describe the formalism used for threat modeling (attack trees, attack-defense trees, attack graphs, bayesian networks for security, ...). Depending on the progress made, the course will also cover approaches for security risk management based on game theory (security games).
- Enseignant responsable de l'UE: Jean Leneutre
Année: 24/25