Human error analysis for unsafe events of cloud ERP based on FTA-BN

doi:10.16265/j.cnki.issn1003-3033.2023.02.0412

Abstract

Abstract:

In order to figure out the human error factors of unsafe events of cloud ERP, a human error analysis model based on FTA-BN was constructed, which could avoid the limitations of a single method. Firstly, the unsafe events which were disclosed by security audit records of cloud ERP were classified and the causes of these events were analyzed, then the fault tree of unsafe events of cloud ERP was constructed. Moreover, the quantitative analysis of the minimum cut and structure importance were carried on according to the fault tree. Then the fault tree was mapped to BN structure. Based on case data, the final BN was obtained by structure learning and parameter learning. Furthermore, the probability of unsafe events was predicted by predictive reasoning and the critical human error factors were identified by sensitivity analysis. The results show that the key human error factors include inadequate work, insufficient training, insufficient resource, unclear responsibility and problems in the management process, so major efforts should be made on them to ensure sustainable security.

Key words: cloud enterprise resource planning(ERP), human error, unsafe events, fault tree analysis(FTA), Bayesian network(BN)

ZHANG Bingjian, SU Qin, LIU Hailong. Human error analysis for unsafe events of cloud ERP based on FTA-BN[J]. China Safety Science Journal, 2023, 33(2): 38-47.

Figures/Tables 13

Tab.1

Tab.2

Classification of unsafe events of cloud ERP

云ERP不安全事件分类	事件来源依据
基础设施、设备与虚拟化管理 $Q 1$	维护不当 $Q 5$ ^{[15⇓⇓⇓⇓-20]}
软件管理 $Q 2$	应用程序和终端不安全 $Q 6$ ^[15,18]、供应故障 $Q 7$ ^[15,19]、病毒感染 $Q 8$ ^[15,21]、系统崩溃 $Q 9$ ^[15,21]
数据资产管理 $Q 3$	数据加密不当 $Q 10$ ^[4,15-16]、数据存储不当 $Q 11$ ^[15,18,22]、数据泄露篡改 $Q 12$ ^[4,23]
人员管理 $Q 4$	没有尽责 $Q 13$ ^[15-16]、资质能力 $Q 14$ ^[15-16]

Tab.2

Tab.3

Name and description of human error factors

名称		中文描述	文献来源
$安全意识浅薄 H 1$		缺乏责任心或对安全规程持有忽视、冷漠和抵抗的态度	[3-4][6] [24][25-26]
$职责不清 H 2$		缺少对特定岗位角色、权限、责任的认识	[8⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓][26]
$工作不到位 H 3$		没有严格按照安全规程执行操作,如配置监督、防御措施等	[6⇓][8] [24-25]
$培训和教育不足 O 1$		缺少员工安全实践的培训,导致“钓鱼攻击”等的发生	[4][8][27-28]
名称	中文描述		文献来源
$资源分配不足 O 2$	管理层支持不够,在安全上投入的人力、物力、财力不足		[8⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓][28]
$管理流程的问题 O 3$	工作、组织与管理流程中的问题,包括授权流程、终止权限、资产返还、人员调配、沟通协调等		[8⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓][27]
$任务复杂 W 1$	工作难度高、责任重、任务多导致人员身心疲劳、压力爆棚,人员能力有限,无法及时保障云安全		[8⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓][28]
$技能、经验不足 T 1$	不具备岗位所需的技能和经验,无法应对系统故障或外部攻击		[6][8][28]
$安全文化环境匮乏 E 1$	缺少安全治理的措施、制度与政策;缺少对安全行为的奖励和对不安全行为的惩罚;没有安全氛围		[8][25-28]

Tab.3

Tab.4

Cause analysis of an unsafe event

不安全事件描述	所属大类 (Q₁~Q₄)	事件到原因的分析
没有按规定提前部署抵制带宏病毒的文档的措施,导致下载文档的员工交叉感染	$Q 2$	$Q 2$ >> $Q 8$ >>无防御>> $Q 15$ >> $E 1 、 H 1 、 H 3$

Tab.4

Fig.1

Fig.2

Fig.3

Fig.4

Fig.5

Fig.6

Fig.7

Tab.5

Sensitivity of nodes when the state of Q3 is 'yes'

节点类型	假设数据资产管理 $Q 3$ 发生不安全事件
节点类型	先验概率/%	后验概率/ %	敏感性 (变化率)/%	排序
安全意识浅薄 $H 1$	40.95	47.69	16.46	3
职责不清 $H 2$	9.52	10.11	6.20	5
工作不到位 $H 3$	81.90	87.25	6.53	4
培训和教育不足 $O 1$	20.00	47.52	137.60	1
安全文化环境匮乏 $E 1$	10.48	22.32	112.98	2

Tab.5

Tab.6

Probability of unsafe events when setting the states of human error factors%

不安全人因类型	不安全事件类型
不安全人因类型	基础设施、设备与虚拟化管理 $Q 1$	软件管理 $Q 2$	数据资产管理 $Q 3$	人员管理 $Q 4$
安全意识浅薄 $H 1$	8.57	47.26	26.21	11.46
职责不清 $H 2$	8.57	54.66	23.90	11.46
工作不到位 $H 3$	8.48	28.24	23.98	7.54
培训和教育不足 $O 1$	8.57	29.56	53.48	18.21
资源分配不足 $O 2$	75.02	28.52	22.51	11.46
管理流程的问题 $O 3$	8.57	28.52	22.51	41.04
任务复杂 $W 1$	8.57	28.52	22.51	68.66
技能、经验不足 $T 1$	11.14	36.30	25.84	21.85
安全文化环境匮乏 $E 1$	8.57	42.99	47.95	11.46
维护不当 $Q 5$	100	29.57	22.89	11.88
应用程序和终端不安全 $Q 6$	8.57	76.13	35.80	9.17
供应故障 $Q 7$	8.61	86.73	24.24	12.91
病毒感染 $Q 8$	8.82	81.81	26.23	11.62
系统崩溃 $Q 9$	9.31	79.37	37.62	11.18
数据加密不当 $Q 10$	8.48	29.72	88.75	14.81
数据存储不当 $Q 11$	8.57	44.75	85.17	11.29
数据泄露篡改 $Q 12$	9.29	50.09	80.25	10.62
没有尽责 $Q 13$	8.57	28.94	35.01	95.54
资质能力 $Q 14$	9.12	25.82	16.81	97.10
人员违规 $Q 15$	8.50	51.35	35.48	8.47
人员差错 $Q 16$	9.82	52.22	34.33	10.96

Tab.6

References 30

[1]	国务院. “十四五”数字经济发展规划[EB/OL].(2022-01-12). http://www.gov.cn/zhengce/content/2022-01/12/content_ 5667817.htm
[2]	工业和信息化部. 工业和信息化部关于印发《推动企业上云实施指南(2018—2020年)》的通知[EB/OL]. (2018-08-10). https://www.miit.gov.cn/jgsj/xxjsfzs/wjfb/art/2020/art_06a6a6a924ba46adb39735d90f61765d.html
[3]	曾忠平. 信息安全人因风险研究进展综述[J]. 情报杂志, 2014, 33(4) : 6-11.
	ZENG Zhongping. A comprehensive review of the theories and practices of human factor risk analysis in information security management[J]. Journal of Intelligence, 2014, 33(4):6-11.
[4]	Cloud Security Alliance. Top threats to cloud computing: egregious eleven[EB/OL].(2019-08-06). https://cloudsecurityalliance.org/artifacts/top-threats-to-cloud-computing-egregious-eleven/
[5]	RHEE H S, KIM C T, RYU Y. Self-efficacy in information security: its Influence on end users' information security practice behavior[J]. Computers & Security, 2009, 28(8): 816-826. doi: 10.1016/j.cose.2009.05.008
[6]	JOHN L. Improving user security behaviour[J]. Computers & Security, 2003, 20(8):685-692.
[7]	高原, 吴长安. 云计算下的信息安全问题研究[J]. 情报科学, 2015, 33(11):48-52.
	GAO Yuan, WU Chang'an. Study of informational security question under the cloud computing[J]. Information Science, 2015, 33(11):48-52.
[8]	SARA K, PASCALE C, JOHN C. Human and organizational factors in computer and information security: pathways to vulnerabilities[J]. Computer & Security, 2009, 28(7):509-520. doi: 10.1016/j.cose.2009.04.006
[9]	PEARL J. Probabilistic reasoning in intelligent systems: networks of plausible inference[J]. Computer Science Artificial Intelligence, 1988, 70(2):1022-1027.
[10]	王军武, 王梦雨, 刘登辉, 等. 基于HFACS-BN的地铁车站施工高处坠落可能性评价[J]. 中国安全科学学报, 2021, 31(6):90-98. doi: 10.16265/j.cnki.issn 1003-3033.2021.06.012
	WANG Junwu, WANG Mengyu, LIU Denghui, et al. Evaluation of falling possibility at height in subway station construction based on HFACS-BN[J]. China Safety Science Journal, 2021, 31(6):90-98. doi: 10.16265/j.cnki.issn 1003-3033.2021.06.012
[11]	许保光, 王蓓蓓, 池宏, 等. 基于贝叶斯网络的航空安全中不安全信息分析[J]. 中国管理科学, 2020, 28(12):118-128.
	XU Baoguang, WANG Beibei, CHI Hong, et al. Insecurity information analysis in civil aviation safety based on Bayesian network[J]. Chinese Journal of Management Science, 2020, 28(12):118-128.
[12]	潘丹, 李永周, 罗帆, 等. 飞行区外来物入侵安全风险致因FTA-BN模型[J]. 中国安全科学学报, 2021, 31(6):7-13. doi: 10.16265/j.cnki.issn 1003-3033.2021.06.002
	PAN Dan, LI Yongzhou, LUO Fan, et al. FTA-BN model of risk causation for FOD intrusion in flight area[J]. China Safety Science Journal, 2021, 31(6):7-13. doi: 10.16265/j.cnki.issn 1003-3033.2021.06.002
[13]	KHAKZAD N, KHA F, AMYOTTE P. Safety analysis in process facilities: comparison of fault tree and Bayesian network approaches[J]. Reliability Engineering and System Safety, 2011, 96(8):925-932. doi: 10.1016/j.ress.2011.03.012
[14]	周志华. 机器学习[M]. 北京: 清华大学出版社, 2016:156-157.
[15]	Cloud Security Alliance. CCM v4.0 implementation guidelines[EB/OL]. [2021-12-03]. https://cloudsecurityalliance.org/artifacts/ccm-v4-0-implementation-guidelines/
[16]	ENISA. Cloud computing benefits, risks and recommendations for information security: cloud computing security risk assessment[EB/OL]. (2022-05-24). https://www.enisa.europa.eu/publications/cloud-computing-risk-assessment
[17]	ZISSIS D, LEKKAS D. Addressing cloud computing security issues[J]. Future Generation Computer Systems, 2012, 28(3):583-592. doi: 10.1016/j.future.2010.12.006
[18]	SINGH A, CHATTERJEE K. Cloud security issues and challenges:a survey[J]. Journal of Network & Computer Applications, 2017, 79(2):88-115.
[19]	姜茸, 马自飞, 李彤, 等. 云计算安全风险因素挖掘及应对策略[J]. 现代情报, 2015, 35(1):85-90. doi: 10.3969/j.issn.1008-0821.2015.01.016
	JIANG Rong, MA Zifei, LI Tong, et al. The security risk factors mining of cloud computing and coping strategies[J]. Journal of Modern Information, 2015, 35(1):85-90. doi: 10.3969/j.issn.1008-0821.2015.01.016
[20]	COPPOLINO L, D'ANTONIO S, MAZZEO G, et al. Cloud security: emerging threats and current solutions[J]. Computers & Electrical Engineering, 2017, 59:126-140.
[21]	周知, 吕美娇. 云服务中的数字学术信息资源安全风险防范[J]. 数字图书馆论坛, 2017(7):14-19.
	ZHOU Zhi, LYU MeiJiao. Digital academic information resources security risk preven-tion in cloud services[J]. Digital Library Forum, 2017(7):14-19.
[22]	CHOI M, LEE C. Information security management as a bridge in cloud systems from private to public organizations[J]. Sustainability, 2015, 7(9):12032-12 051.
[23]	SHIRVANI M H, RAHMANI A M, SAHAFI A. An iterative mathematical decision model for cloud migration: a cost and security risk approach[J]. Software Practice & Experience, 2018, 48(6):449-485.
[24]	KRUGER H A. A prototype for assessing information security awareness[J]. Computer & Security, 2006, 25: 289-296. doi: 10.1016/j.cose.2006.02.008
[25]	EIRIK A. A qualitative study of users' view on information security[J]. Computer & Security, 2007, 26:276-289. doi: 10.1016/j.cose.2006.11.004
[26]	MICHAEL W. A test of interventions for security threats from social engineering[J]. Information Management & Computer Security, 2008, 16(5):463-483.
[27]	WEI SHE, BHAVANI T. Security for enterprise resource planning systems[J]. Information Systems Security, 2007, 16:152-163. doi: 10.1080/10658980701401959
[28]	RODRIGO W, KIRSTIE H, KONSTANTIN B. An integrated view of human, organizational and technological challenges of IT security management[J]. Information Management & Computer Security, 2009, 17(1):4-19.
[29]	SHAPPEL S A, WIEGMAN N D A. The human factors analysis and classification system--HFACS[J]. American Libraries, 2000, 1(1):20-46.
[30]	STECK H. Constraint-based structural learning in Bayesian networks using finite data sets[D]. Munich: Technical University of Munich, 2001.

类型	名称	含义
逻辑门	与门	所有输入事件都发生时,输出事件才发生
逻辑门	或门	只要有一个输入事件发生,输出事件就发生
事件	顶事件	在故障树中代表系统整体故障的事件
	中间事件	故障树中中间层级的事件
	基本事件	能够清晰掌握其发生规律,容易针对性改正的事件