Role-Based Access Control Models
Computer
An Approach for Managing Service Dependencies with XML and the Resource Description Framework
Journal of Network and Systems Management
Evaluating the Impact of Automated Intrusion Response Mechanisms
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Efficient Minimum-Cost Network Hardening Via Exploit Dependency Graphs
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Managing attack graph complexity through visual hierarchical aggregation
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Policy Modeling and Refinement for Network Security Systems
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Dependency Algebra: A Tool for Designing Robust Real-Time Systems
RTSS '05 Proceedings of the 26th IEEE International Real-Time Systems Symposium
Graph based Metrics for Intrusion Response Measures in Computer Networks
LCN '07 Proceedings of the 32nd IEEE Conference on Local Computer Networks
Intrusion response cost assessment methodology
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Informing the decision process in an automated intrusion response system
Information Security Tech. Report
A system dependability modeling framework using AADL and GSPNs
Architecting dependable systems IV
Hi-index | 0.00 |
In the complex world of information services, we are realizing that system dependencies upon one another have not only operational implications but also security implications. These security implications are multifold. Beyond allowing an attacker to propagate over an information system by leveraging stepping stones vulnerabilities, it also allows a defender to select the most interesting enforcement points for its policies, overall reducing the cost of managing the security of these complex systems. In this paper, we present a dependency model that has been designed for the purpose of providing security operators with a quantitative decision support system for deploying and managing security policies.