• DocumentCode
    1286745
  • Title

    Experimenting with quantitative evaluation tools for monitoring operational security

  • Author

    Ortalo, Rodolphe ; Deswarte, Yves ; Kaaniche, Mohamed

  • Author_Institution
    Lab. d´´Autom. et d´´Anal. des Syst., CNRS, Toulouse, France
  • Volume
    25
  • Issue
    5
  • fYear
    1999
  • Firstpage
    633
  • Lastpage
    650
  • Abstract
    This paper presents the results of an experiment in security evaluation. The system is modeled as a privilege graph that exhibits its security vulnerabilities. Quantitative measures that estimate the effort an attacker might expend to exploit these vulnerabilities to defeat the system security objectives are proposed. A set of tools has been developed to compute such measures and has been used in an experiment to monitor a large real system for nearly two years. The experimental results are presented and the validity of the measures is discussed. Finally, the practical usefulness of such tools for operational security monitoring is shown and a comparison with other existing approaches is given
  • Keywords
    graph theory; security of data; experiment; operational security monitoring; privilege graph; quantitative evaluation tools; Collaborative software; Collaborative work; Computer Society; Computer networks; Computer security; Computerized monitoring; Data security; Information security; Power system interconnection; Power system security;
  • fLanguage
    English
  • Journal_Title
    Software Engineering, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    0098-5589
  • Type

    jour

  • DOI
    10.1109/32.815323
  • Filename
    815323
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1286745