Dependability Evaluation for Internet-Based Remote Systems

Abstract

Recently, the number of remote systems using the Internet has been increased and the services provided by such systems get various. They are required to have high dependability. The existing evaluations have some problems.For example, the evaluations based on RASIS are vague and those provided by Japanese government are very complicated. The existing evaluations are not uniformed, not understandable, and not quantitative.This paper proposes security evaluation metric which is a part of RASIS for remote systems using the Internet.The proposed metric gives quantitative evaluation in the similar manner of availability evaluation.It is based on the time that the system can tolerate take-over attack, which is one of the biggest threats among the attacks through the Internet.It can give appropriate system parameters to achieve the desired security.This paper applies it to example systems in order to confirm its effectiveness.