The I/O automata model of Lynch and Tuttle (1987) is summarized and used to formalize several types of system integrity based on the control of transitions to invalid states. Type-A integrity is exhibited by systems with no invalid initial states that disallow transitions from valid reachable states to invalid states. Type-B integrity is exhibited by systems that disallow externally-controlled transitions from valid reachable states to invalid states. Type-C integrity is exhibited by systems that allow locally-controlled or externally-controlled transitions from reachable states to invalid states. Strict-B integrity is exhibited by systems that are Type-B but not Type-A. Strict-C integrity is exhibited by systems that are Type-C but not Type-B. Basic results on the closure properties that hold under composition of systems exhibiting these types of integrity are presented in I/O automata-theoretic terms. Specifically, Type-A, Type-B, and Type-C integrity are shown to be composable, whereas Strict-B and Strict-C integrity are shown not to be composable in general. The integrity definitions and compositional results are illustrated using the familiar vending machine example, specified as an I/O automaton and composed with a customer environment. The implications of the integrity definitions and compositional results for practical system design are discussed, and a research plan for future work is outlined.
A system security engineering (SSE) methodology is used within the Secure Systems Engineering Department of AT&T Bell Laboratories during the analysis, design, and integration of computer and network systems. This evolving methodology focuses on how threats, vulnerabilities, and attacks on these systems are identified and mitigated, and how safeguards based on engineering estimates of risk are identified and integrated.
Contents: threats to computer systems; threat trees; categorization of attacks; Trojan horses and viruses; common attack methods; security labels; the lattice of security labels; security policies; the Bell-LaPadula disclosure model; BLM analysis and debate; non-deducibility and non-interference security; the Biba integrity model; the Clark-Wilson integrity model; denial of service; safeguards and countermeasures; auditing; intrusion detection; identification and authentication; passwords; encryption; key management protocols; access control; covert channels; composing security; privileges and roles; security kernels; network security; database security; security evaluation; greatest works in computer security.
Malicious hackers utilize the World Wide Web to share knowledge. Analyzing the online communication of these threat actors can help reduce the risk of attacks. This book shifts attention from the defender environment to the attacker environment, offering a new security paradigm of 'proactive cyber threat intelligence' that allows defenders of computer networks to gain a better understanding of their adversaries by analyzing the assets, capabilities, and interests of malicious hackers. The authors propose models, techniques, and frameworks based on threat intelligence mined from the heart of the underground cyber world: the malicious hacker communities. They provide insights into the hackers themselves and the groups they form dynamically in the act of exchanging ideas and techniques and buying or selling malware and exploits. The book covers both the methodology, a hybridization of machine learning, artificial intelligence, and social network analysis methods, and the resulting conclusions, detailing how a deep understanding of malicious hacker communities can be the key to designing better attack prediction systems.
The authors describe an approach to ensuring the integrity of software during development. The approach minimizes the need for a physically secure computing facility by allowing much of the software development to take place in an 'open' environment. The approach relies on the strict enforcement of a set of procedures to effectively counter threats (Trojan horse insertion, attacks on the secure storage facility, etc.).