Risk-based systems security engineering: stopping attacks with intention

Evans S.; Heinbuch D.; Kyle E.; Piorkowski J.; Wallner J.

首页> 外文期刊>IEEE security & privacy >Risk-based systems security engineering: stopping attacks with intention

【24h】

Risk-based systems security engineering: stopping attacks with intention

机译：基于风险的系统安全工程：故意阻止攻击

获取原文

获取原文并翻译 | 示例

获取外文期刊封面封底 >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

In most modern information systems (IS), functionality and security are competing design goals. Therefore, system designers are constantly forced to make security-related trade-off decisions. Systems security engineers must build systems that are secure against real-world attacks without overengineering against any particular one. By understanding which attacks are most likely and which risks are most serious, system designers can make informed security-related trade-off decisions. We describe a systems security engineering methodology designers can use to make these decisions.

机译：在大多数现代信息系统（IS）中，功能和安全性是相互竞争的设计目标。因此，系统设计人员经常被迫做出与安全性相关的权衡决策。系统安全工程师必须构建能够抵御实际攻击的系统，而又不会针对任何特定的系统进行过度设计。通过了解哪些攻击最有可能发生以及哪些风险最严重，系统设计人员可以做出与安全性有关的明智权衡决策。我们描述了设计人员可以用来做出这些决策的系统安全工程方法论。

著录项

来源
《IEEE security & privacy》 |2004年第6期|p.59-62|共4页
作者
Evans S.; Heinbuch D.; Kyle E.; Piorkowski J.; Wallner J.;
展开▼
作者单位

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类计算技术、计算机技术;
关键词
computer network management; information systems; risk analysis; security of data; systems engineering; telecommunication security; IS; real-world attacks; risk-based security engineering; systems security engineering; trade-off decisions; 65; Mordor; attack intentio;

机译：计算机网络管理;信息系统;风险分析;数据安全性;系统工程;电信安全;IS;真实世界的攻击;基于风险的安全工程;系统安全工程;权衡决策;65;Mortor;攻击意图;

相似文献

外文文献
中文文献
专利

1. Quantitative risk-based security prediction for component-based systems with explicitly modeled attack profiles [J] . Lars Grunske, David Joyce Journal of systems and software . 2008,第8期

机译：具有明确建模的攻击配置文件的基于组件的系统的基于风险的定量安全预测
2. Testing of network security systems through DoS, SQL injection, reverse TCP and social engineering attacks [J] . Arianit Maraj, Ermir Rogova, Genc Jakupi International Journal of Grid and Utility Computing . 2020,第1期

机译：通过DoS，SQL注入，反向TCP和社会工程学攻击测试网络安全系统
3. SMART: security model adversarial risk-based tool for systems security design evaluation [J] . Paul A Wortman, John A Chandy Journal of Cybersecurity . 2020,第1期

机译：SMART：安全模型对系统安全设计评估的基于对抗的风险工具
4. Concentrated Stopping Set Design for Coded Merkle Tree: Improving Security Against Data Availability Attacks in Blockchain Systems [C] . Debarnab Mitra, Lev Tauz, Lara Dolecek IEEE Information Theory Workshop . 2021

机译：CODED MERKLE树集中停止集设计：在区块链系统中提高数据可用性攻击的安全性
5. Risk-based security assessment for operating electric power systems. [D] . Wan, Hua. 1999

机译：电力系统运行的基于风险的安全评估。
6. Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets [O] . Kuei-Hu Chang -1

机译：使用攻击树和Vague集的Internet安全系统的安全威胁评估
7. Concentrated Stopping Set Design for Coded Merkle Tree: Improving Security Against Data Availability Attacks in Blockchain Systems [O] . Debarnab Mitra, Lev Tauz, Lara Dolecek 2021

机译：CODED MERKLE树集中停止集设计：在区块链系统中提高数据可用性攻击的安全性
8. Risk-Based COTS Systems Engineering Assessment Model: A Systems Engineering Management Tool and Assessment Methodology to Cope with the Risk of Commercial Off-the-Shelf (COTS) Technology Insertion During the System Life Cycle. [R] . Lebron, R. A., Rossi, R., Foor, W. 2000

机译：基于风险的COTs系统工程评估模型：系统工程管理工具和评估方法，以应对系统生命周期中商业现货（COTs）技术插入的风险。

Risk-based systems security engineering: stopping attacks with intention

摘要

著录项

相似文献

相关主题

期刊订阅