Title :
Using Attack Graphs to Design Systems
Author :
Gupta, Suvajit ; Winstead, Joel
Author_Institution :
Cigital
Abstract :
An attack graph is a visual aid used to document the known security risks of a particular architecture; in short, it captures the paths attackers could use to reach their goals. The graph´s purpose is to document the risks known at the time the system is designed, which helps architects and analysts understand the system and find good trade-offs that mitigate these risks. Once the risks are identified and understood in this way, the design can he refined iteratively until the risk becomes acceptable.
Keywords :
data visualisation; security of data; attack graphs; security risks; visual aids; Buildings; Computer architecture; Computer security; Cryptography; Data mining; File systems; Privacy; Protection; System testing; Time factors; agile; attack graphs; life cycle; software development; software engineering;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2007.100
