7.3. Security Modeling

Information systems and networks are prone to security intrusions, where the range may vary from minor mischief for pleasure, DoS, and criminal interest for stealing or destroying critical information. This has made the security an important attribute for information systems and networks. Most of the reported research in the literature on security characterization has dealt with the qualitative aspects of security. A system is assigned a given security level with respect to the presence or absence of certain functional characteristics and the use of certain development techniques. Swiler et al. [14] and Jha et al. [15] use an attack graph to model the security vulnerabilities of a system and their exploitation by an attacker. ...

Get Information Assurance now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.