Security mechanisms are at the base of modern computer systems, demanded to be more and more reactive to changing environments and malicious intentions. Security policies unable to change in time are destined to be exploited and thus, system security compromised. However, the ability to properly change security policies is only possible once the most effective mechanism to adopt under specific conditions is known. To accomplish this goal, we propose to build a vulnerability model of the system by means of a model-based, layered security approach, then used to quantitatively evaluate the best protection mechanism at a given time and hence, to adapt the system to changing environments. The evaluation relies on the use of a powerful, flexible formalism such as Dynamic Bayesian Networks.
Model-based vulnerability assessment of self-adaptive protection systems
MARRONE, Stefano
2016
Abstract
Security mechanisms are at the base of modern computer systems, demanded to be more and more reactive to changing environments and malicious intentions. Security policies unable to change in time are destined to be exploited and thus, system security compromised. However, the ability to properly change security policies is only possible once the most effective mechanism to adopt under specific conditions is known. To accomplish this goal, we propose to build a vulnerability model of the system by means of a model-based, layered security approach, then used to quantitatively evaluate the best protection mechanism at a given time and hence, to adapt the system to changing environments. The evaluation relies on the use of a powerful, flexible formalism such as Dynamic Bayesian Networks.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
