Adaptive Security Metrics for Computer Systems

摘要

The major concern for a computer system is its security and integrity. It is necessary to check the security level of your system and keep it updated. This can be best achieved by using a metric system. At present, there is no standard metric to measure the integrity and security of a computer system. Defining a standard metric that suits all the systems is difficult, considering the fact that every system is built according to the functions it is used for. The Computer systems are used for millions of different functions. In this work we develop an adaptive metric system for measuring security and integrity level of a computer system. To define the metric system we have used a matrix called Security Matrix. We call this matrix adaptive because users can introduce or delete columns in the matrix according to their requirements. The idea behind this is to allow the user to have a metric system that suits his or her system best Each dimension in the matrix represents one influential factor of the system security and integrity. The factors can vary from the software used in the system to the mediums of attack on the system. In this thesis we refer the system for a single computer or multiple computers connected in a network infrastructure using routers and switches.