Jocelyn Aubert, Thomas Schaberreiter, Christophe Incoul, D. Khadraoui, B. Gâteau
{"title":"关键基础设施中相互依赖服务实时安全监控的基于风险的方法","authors":"Jocelyn Aubert, Thomas Schaberreiter, Christophe Incoul, D. Khadraoui, B. Gâteau","doi":"10.1109/ARES.2010.102","DOIUrl":null,"url":null,"abstract":"In today’s world, where most of the critical infrastructures (CI) are based on distributed systems, security failures have become very common, even within large corporations. The critical infrastructures are tightly interconnected, mutually dependent, and are exposed everyday to new risks.These (inter)dependencies generate potential cascading effects that may spread a malfunction or an attack from one part of the system to another dependent infrastructure.In this paper, we propose a risk-based methodology that aims to monitor interdependent services based on generic risks and assurance levels using the classical security properties: Confidentiality, Integrity and Availability. This allows each CI owner to monitor, react and adopt the best behavior corresponding to the security status of its different services.","PeriodicalId":360339,"journal":{"name":"2010 International Conference on Availability, Reliability and Security","volume":"135 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":"{\"title\":\"Risk-Based Methodology for Real-Time Security Monitoring of Interdependent Services in Critical Infrastructures\",\"authors\":\"Jocelyn Aubert, Thomas Schaberreiter, Christophe Incoul, D. Khadraoui, B. Gâteau\",\"doi\":\"10.1109/ARES.2010.102\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In today’s world, where most of the critical infrastructures (CI) are based on distributed systems, security failures have become very common, even within large corporations. The critical infrastructures are tightly interconnected, mutually dependent, and are exposed everyday to new risks.These (inter)dependencies generate potential cascading effects that may spread a malfunction or an attack from one part of the system to another dependent infrastructure.In this paper, we propose a risk-based methodology that aims to monitor interdependent services based on generic risks and assurance levels using the classical security properties: Confidentiality, Integrity and Availability. This allows each CI owner to monitor, react and adopt the best behavior corresponding to the security status of its different services.\",\"PeriodicalId\":360339,\"journal\":{\"name\":\"2010 International Conference on Availability, Reliability and Security\",\"volume\":\"135 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-03-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"19\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2010.102\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2010.102","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Risk-Based Methodology for Real-Time Security Monitoring of Interdependent Services in Critical Infrastructures
In today’s world, where most of the critical infrastructures (CI) are based on distributed systems, security failures have become very common, even within large corporations. The critical infrastructures are tightly interconnected, mutually dependent, and are exposed everyday to new risks.These (inter)dependencies generate potential cascading effects that may spread a malfunction or an attack from one part of the system to another dependent infrastructure.In this paper, we propose a risk-based methodology that aims to monitor interdependent services based on generic risks and assurance levels using the classical security properties: Confidentiality, Integrity and Availability. This allows each CI owner to monitor, react and adopt the best behavior corresponding to the security status of its different services.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
