QSec: Supporting Security Decisions on an IT Infrastructure
نویسندگان
چکیده
A global vulnerability of an IT infrastructure is a set of vulnerabilities in its nodes that enables a sequence of attacks where an agent acquires the privileges that each attack requires as a result of the previous attacks in the sequence. This paper presents QSec, a tool to support decision on the infrastructure security that queries a database with information on global vulnerabilities and the corresponding attack sequences. QSec can return information on, among others, global vulnerabilities, the corresponding attack sequences and the infrastructure nodes that are the target of a sequence. This information is fundamental to evaluate in more details the security of the infrastructure and to support decisions on vulnerabilities to be removed.
منابع مشابه
حدود صلاحیت دیوان عدالت اداری در انتصاب مدیران مؤسسات عمومی غیردولتی (مطالعه موردی مدیرعامل سازمان تأمین اجتماعی)
The Social Security Organization, according to The List of Non-governmental Organizations and Public Institutions Act, is a non-governmental public organization. It currently supports about 33 million workers, retirees and their families. Always there is alignment among the main objectives of social security and economic objectives of the country. All the factors that effect on econom...
متن کاملA survey on impact of cloud computing security challenges on NFV infrastructure and risks mitigation solutions
Increased broadband data rate for end users and the cost of resource provisioning to an agreed SLA in telecom service providers, are forcing operators in order to adhere to employment Virtual Network Functions (VNF) in an NFV solution. The newly 5G mobile telecom technology is also based on NFV and Software Define Network (SDN) which inherit opportunities and threats of such constructs. Thus a ...
متن کاملMatching information security vulnerabilities to organizational security profiles: a genetic algorithm approach
Organizations are making substantial investments in information security to reduce the risk presented by vulnerabilities in their information technology (IT) infrastructure. However, each security technology only addresses specific vulnerabilities and potentially creates additional vulnerabilities. The objective of this research is to present and evaluate a Genetic Algorithm (GA)based approach ...
متن کاملAuthorization models for secure information sharing: a survey and research agenda
This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...
متن کاملSecurity Assurance for IT Infrastructure Supporting Airplane Production, Maintenance, and Operation
∗ Corresponding author: Scott A. Lintelman; Email: [email protected], Tel: 425-373-2611; Mailing address: 7L-49, 2760, 160 Ave SE, Bellevue, WA 98008 Abstract The present paper seeks to motivate interest in a Boeing-led workshop session on the security evaluation of IT infrastructure supporting aircraft, with focus on issues that arise when flight-critical software and related data a...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2013