The Remedy Dimension of Vulnerability Analysis
作者: Per Kaijser , Ulf Lindqvist , Erland Jonsson
DOI:
关键词:
摘要: This work is aimed at supporting system and information owners in their mission to apply a proper remedy when security flaw discovered during operation. A broad analysis of the different aspects remediation has resulted structured taxonomy that will guide through identification process. The produced process help make decisions about changes or procedures. selected vulnerability was able be removed using three remedies used as an example.
windowsecurity.com 参考文章(9)
Eugene H. Spafford, Ivan Krsul, Taimur Aslam, Use of A Taxonomy of Security Faults ,(1996)
J. C. Laprie, Dependability: Basic Concepts and Terminology Dependable Computing and Fault-Tolerant Systems. pp. 3- 245 ,(1992) , 10.1007/978-3-7091-9170-5_1
Gene Spafford, Simson Garfinkel, Practical UNIX and Internet Security ,(1996)
Marshall D. Abrams, Marvin V. Zelkowitz, Refereed paper: Striving for correctness Computers & Security. ,vol. 14, pp. 719- 738 ,(1995) , 10.1016/0167-4048(95)00022-4
J.H. Saltzer, M.D. Schroeder, The protection of information in computer systems Proceedings of the IEEE. ,vol. 63, pp. 1278- 1308 ,(1975) , 10.1109/PROC.1975.9939
Carl E. Landwehr, Alan R. Bull, John P. McDermott, William S. Choi, A taxonomy of computer program security flaws ACM Computing Surveys. ,vol. 26, pp. 211- 254 ,(1994) , 10.1145/185403.185412
Carl E. Landwehr, Formal Models for Computer Security ACM Computing Surveys. ,vol. 13, pp. 247- 278 ,(1981) , 10.1145/356850.356852
U. Lindqvist, E. Jonsson, How to systematically classify computer security intrusions ieee symposium on security and privacy. pp. 154- 163 ,(1997) , 10.1109/SECPRI.1997.601330
Harold Joseph Highland, None, Contingency planning: What to do when bad things happen to good systems: Jay. J. Kahn and Marshall D. Abrams, The MITRE Corp., McLean, VA, USA Computers & Security. ,vol. 14, pp. 609- ,(1995) , 10.1016/0167-4048(96)81679-8