Usage formal models for vulnerability analysis

D. N. Kolegov

Geodesic

Parcourir par

Usage formal models for vulnerability analysis

D. N. Kolegov

Prikladnaâ diskretnaâ matematika, no. 1 (2009), pp. 113-116.

Voir la notice de l'article provenant de la source Math-Net.Ru

Résumé

In the paper the formal approach to vulnerability analysis based on mathematical security models of the computer systems is considered. The attacker model proposed in “Security assessment information technology criteria” is constructed and mathematical definition of the penetration stability is proposed in the terms of the DP-model.

Export
Comment citer

@article{PDM_2009_1_a6,
     author = {D. N. Kolegov},
     title = {Usage formal models for vulnerability analysis},
     journal = {Prikladna\^a diskretna\^a matematika},
     pages = {113--116},
     publisher = {mathdoc},
     number = {1},
     year = {2009},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/PDM_2009_1_a6/}
}

TY  - JOUR
AU  - D. N. Kolegov
TI  - Usage formal models for vulnerability analysis
JO  - Prikladnaâ diskretnaâ matematika
PY  - 2009
SP  - 113
EP  - 116
IS  - 1
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/PDM_2009_1_a6/
LA  - ru
ID  - PDM_2009_1_a6
ER  -

%0 Journal Article
%A D. N. Kolegov
%T Usage formal models for vulnerability analysis
%J Prikladnaâ diskretnaâ matematika
%D 2009
%P 113-116
%N 1
%I mathdoc
%U http://geodesic.mathdoc.fr/item/PDM_2009_1_a6/
%G ru
%F PDM_2009_1_a6

D. N. Kolegov. Usage formal models for vulnerability analysis. Prikladnaâ diskretnaâ matematika, no. 1 (2009), pp. 113-116. http://geodesic.mathdoc.fr/item/PDM_2009_1_a6/

Bibliographie
Cité par

[1] Information technology. Security techniques. Evaluation criteria for IT security. Part 1: Introduction and general model, ISO/IEC 15408–1, 1999

[2] Information technology. Security techniques. Evaluation criteria for IT security. Part 2: Security functional requirements, ISO/IEC 15408–2, 1999

[3] Information technology. Security techniques. Evaluation criteria for IT security. Part 3: Security assurance components, ISO/IEC 15408–3, 1999

[4] Bezopasnost informatsionnykh tekhnologii. Kriterii otsenki bezopasnosti informatsionnykh tekhnologii, Ch. 1, 2 i 3. Rukovodyaschii dokument, Gostekhkomissiya Rossii, M., 2002

[5] Devyanin P. N., Analiz bezopasnosti upravleniya dostupom i informatsionnymi potokami v kompyuternykh sistemakh, Radio i svyaz, M., 2006, 176 pp.

[6] Kolegov D. N., “Analiz bezopasnosti informatsionnykh potokov po pamyati v kompyuternykh sistemakh s funktsionalno i parametricheski assotsiirovannymi suschnostyami”, Prikladnaya diskretnaya matematika, 2009, no. 1, 117–125

[7] NIST. Technical guide to information security testing and assessment, Recommendations of the National Institute of Standarts and Technology, September, 2008

[8] Bezopasnost informatsionnykh tekhnologii. Kontseptsiya otsenki sootvetstviya avtomatizirovannykh sistem trebovaniyam bezopasnosti informatsii, Rukovodyaschii dokument, FSTEK Rossii, M., 2004