Security mechanisms are at the base of modern computer systems, demanded to be more and more reactive to changing environments and malicious intentions. Security policies unable to change in time are destined to be exploited and thus, system security compromised. However, the ability to properly change security policies is only possible once the most effective mechanism to adopt under specific conditions is known. To accomplish this goal, we propose to build a vulnerability model of the system by means of a model-based, layered security approach, then used to quantitatively evaluate the best protection mechanism at a given time and hence, to adapt the system to changing environments. The evaluation relies on the use of a powerful, flexible formalism such as Dynamic Bayesian Networks.

Model-based vulnerability assessment of self-adaptive protection systems

MARRONE, Stefano
2016

Abstract

Security mechanisms are at the base of modern computer systems, demanded to be more and more reactive to changing environments and malicious intentions. Security policies unable to change in time are destined to be exploited and thus, system security compromised. However, the ability to properly change security policies is only possible once the most effective mechanism to adopt under specific conditions is known. To accomplish this goal, we propose to build a vulnerability model of the system by means of a model-based, layered security approach, then used to quantitatively evaluate the best protection mechanism at a given time and hence, to adapt the system to changing environments. The evaluation relies on the use of a powerful, flexible formalism such as Dynamic Bayesian Networks.
2016
Rodríguez, Ricardo J; Marrone, Stefano
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11591/365024
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 2
social impact