{"title":"结合防御图和企业架构模型进行安全分析","authors":"T. Sommestad, M. Ekstedt, Pontus Johnson","doi":"10.1109/EDOC.2008.37","DOIUrl":null,"url":null,"abstract":"Security is dependent on a mixture of interrelated concepts such as technical countermeasures, organizational policies, security procedures, and more. To facilitate rational decision making, these concepts need to be combined into an overall judgment on the current security posture, as well as potential future ones. Decision makers are, however, faced with uncertainty regarding both what countermeasures that is in place, and how well different countermeasures contribute to mitigating attacks. This paper presents a security assessment framework using the Bayesian statistics-based extended influence diagrams to combine attack graphs with countermeasures into defense graphs. The approach makes it possible to calculate the probability that attacks succeed based on an enterprise architecture model. The framework also takes uncertainties of the security assessment into consideration. Moreover, using the extended influence diagram formalism the expected loss from each attack can be calculated.","PeriodicalId":210496,"journal":{"name":"2008 12th International IEEE Enterprise Distributed Object Computing Conference","volume":"172 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"28","resultStr":"{\"title\":\"Combining Defense Graphs and Enterprise Architecture Models for Security Analysis\",\"authors\":\"T. Sommestad, M. Ekstedt, Pontus Johnson\",\"doi\":\"10.1109/EDOC.2008.37\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security is dependent on a mixture of interrelated concepts such as technical countermeasures, organizational policies, security procedures, and more. To facilitate rational decision making, these concepts need to be combined into an overall judgment on the current security posture, as well as potential future ones. Decision makers are, however, faced with uncertainty regarding both what countermeasures that is in place, and how well different countermeasures contribute to mitigating attacks. This paper presents a security assessment framework using the Bayesian statistics-based extended influence diagrams to combine attack graphs with countermeasures into defense graphs. The approach makes it possible to calculate the probability that attacks succeed based on an enterprise architecture model. The framework also takes uncertainties of the security assessment into consideration. Moreover, using the extended influence diagram formalism the expected loss from each attack can be calculated.\",\"PeriodicalId\":210496,\"journal\":{\"name\":\"2008 12th International IEEE Enterprise Distributed Object Computing Conference\",\"volume\":\"172 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-09-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"28\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 12th International IEEE Enterprise Distributed Object Computing Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EDOC.2008.37\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 12th International IEEE Enterprise Distributed Object Computing Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EDOC.2008.37","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Combining Defense Graphs and Enterprise Architecture Models for Security Analysis
Security is dependent on a mixture of interrelated concepts such as technical countermeasures, organizational policies, security procedures, and more. To facilitate rational decision making, these concepts need to be combined into an overall judgment on the current security posture, as well as potential future ones. Decision makers are, however, faced with uncertainty regarding both what countermeasures that is in place, and how well different countermeasures contribute to mitigating attacks. This paper presents a security assessment framework using the Bayesian statistics-based extended influence diagrams to combine attack graphs with countermeasures into defense graphs. The approach makes it possible to calculate the probability that attacks succeed based on an enterprise architecture model. The framework also takes uncertainties of the security assessment into consideration. Moreover, using the extended influence diagram formalism the expected loss from each attack can be calculated.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
