Title :
The REM Framework for Security Evaluation
Author :
Amato, Flora ; Casola, Valentina ; Mazzeo, Antonino ; Vittorini, Valeria
Author_Institution :
Dipt. di Inf. e Sist., Univ.´´ degli Studi di Napoli, Naples
Abstract :
A common approach to formally describe security mechanisms is the definition of proper policies. In many contexts, a system could be considered secure and trustworthy if the policy enforced by its security administrator is trust-worthy as well; within such contexts it is possible to evaluate the system security by evaluating its policy. In a previous paper we have proposed a policy-based methodology, the reference evaluation methodology (REM for short), to define and evaluate the security level that a system is able to provide. In this paper we illustrate the implementation of the REM framework to automatically evaluate the security level provided by a system and we discuss a real case study on the evaluation of the Certificate Authorities involved in the EUGridPMA project.
Keywords :
security of data; EUGridPMA project; policy-based methodology; reference evaluation methodology; security evaluation; system security; Availability; Buildings; Certification; Content addressable storage; Context-aware services; Extraterrestrial measurements; Performance evaluation; Public key; Security; Service oriented architecture;
Conference_Titel :
Availability, Reliability and Security, 2008. ARES 08. Third International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-0-7695-3102-1
DOI :
10.1109/ARES.2008.95
