Security Risk Analysis Based on the Policy Formalization and the Modeling of Big Systems

Security risk models have been successful in estimating the likelihood of attack for simple security threats. However, modeling complex systems and their security risk remains a challenge. Many methods have been proposed to address this problem. Often difficult to use and not comprehensive enough, they are not as well known among administrators and decision makers as they should be. In this paper we propose a new tool built specifically to model big systems. The software takes into account attack threats and security strength.




