Service dependencies in information systems security

Authors:
Hervé Debar;Nizar Kheir;Nora Cuppens-Boulahia;Frédéric Cuppens
Affiliations:
Laboratoire SAMOVAR, UMR, Télécom SudParis, Evry, France;Télécom Bretagne, Cesson Sévigné Cedex, France;Télécom Bretagne, Cesson Sévigné Cedex, France;Télécom Bretagne, Cesson Sévigné Cedex, France
Venue:
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Year:
2010

Citing 12
Cited 0

Role-Based Access Control Models

Computer
An Approach for Managing Service Dependencies with XML and the Resource Description Framework

Journal of Network and Systems Management
Evaluating the Impact of Automated Intrusion Response Mechanisms

ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Efficient Minimum-Cost Network Hardening Via Exploit Dependency Graphs

ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Managing attack graph complexity through visual hierarchical aggregation

Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Policy Modeling and Refinement for Network Security Systems

POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Dependency Algebra: A Tool for Designing Robust Real-Time Systems

RTSS '05 Proceedings of the 26th IEEE International Real-Time Systems Symposium
Graph based Metrics for Intrusion Response Measures in Computer Networks

LCN '07 Proceedings of the 32nd IEEE Conference on Local Computer Networks
Intrusion response cost assessment methodology

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Informing the decision process in an automated intrusion response system

Information Security Tech. Report
A system dependability modeling framework using AADL and GSPNs

Architecting dependable systems IV

Quantified Score

Hi-index	0.00

Visualization

Abstract

In the complex world of information services, we are realizing that system dependencies upon one another have not only operational implications but also security implications. These security implications are multifold. Beyond allowing an attacker to propagate over an information system by leveraging stepping stones vulnerabilities, it also allows a defender to select the most interesting enforcement points for its policies, overall reducing the cost of managing the security of these complex systems. In this paper, we present a dependency model that has been designed for the purpose of providing security operators with a quantitative decision support system for deploying and managing security policies.