Title :
Checkmate network security modeling
Author :
Apostal, David ; Foote-Lennox, Tomo ; Markham, Tom ; Down, A. ; Lu, Raymond ; Brien, Dick O.
Author_Institution :
Secure Comput. Corp., Roseville, MN, USA
Abstract :
Effective reasoning about system attacks and responses requires a comprehensive model that covers all aspects of the system being analyzed, from network topology and configuration, to specific vulnerabilities, to possible adversary capabilities and possible attacks. A comprehensive model can be used as the basis for real-time attack/response simulations “what if” course of action analysis, policy simulation and debugging, and more. This paper describes the Checkmate security model and illustrates how this model can be used as the basis for a tool that performs effective security analysis on real-world networks
Keywords :
computer networks; military computing; real-time systems; security of data; telecommunication security; Checkmate; network security modeling tool; network topology; real-time attack simulation; real-time response simulation; system attacks; system responses; Analytical models; Computer networks; Databases; Debugging; Lakes; Network servers; Network topology; Protocols; Prototypes; Workstations;
Conference_Titel :
DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
Conference_Location :
Anaheim, CA
Print_ISBN :
0-7695-1212-7
DOI :
10.1109/DISCEX.2001.932217
