In today's rapidly digitizing society, people place their trust in a wide range of digital services and systems that deliver latest news, process financial transactions, store sensitive information, etc. However, this trust does not have a solid foundation, because software code that supports this digital world has security vulnerabilities. These…

This dissertation uses design science research and engineering to develop a cloud-based simulator for modeling next-generation cybersecurity protection frameworks in the United States. The claim is made that an agile and neutral framework extending throughout the cyber-threat plane is needed for critical infrastructure protection (CIP). This…

There has been a constant growing security concern with insider attacks on network accessible computer systems. Users with power credentials can do almost anything they want with the systems they own with very little control or oversight. Most breaches occurring nowadays by power users are considered legitimate access and not necessarily…

Models, created using different modeling techniques, usually serve different purposes and provide unique insights. While each modeling technique might be capable of answering specific questions, complex problems require multiple models interoperating to complement/supplement each other; we call this Multi-Modeling. To address the syntactic and…

One of the most significant challenges faced by government officials today is securing information systems to make them more resilient to attack from increasingly complex challenges from cyber-criminals, state-sponsored groups, and other threats. Over the years, the federal government has developed and implemented Certification and Accreditation…