About the Journal Editorial Board For authors Publication ethics Archive Abstracting & Indexing Contact us
Introduction
Online submission

№1, 2013

METHODS FOR ASSESSING THE SECURITY OF COMPUTER SYSTEMS

Ramiz H.Shikhaliyev, Tural E.Yunusov

ramiz@sciencez.az, turaly@mail.ru

The article analyzed some of the standards and methods of security assessment of computer systems, such as the common criteria, the index of systemic vulnerability, modeling of multi-stage attacks, intrusion detection, and identified some problems. (pp. 74-80)

Keywords: computer systems, security assessment, security metrics, methods of security assessment
References
  • Olsen F. Input: IT security spending to catch its breath. http://www.fcw.com/article89546-07-13-05.
  • Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Information, Part 2: Security Functional Requirements, Part 3: Security Assurance Requirements, Version 3.1 Revision 1, September 2006.
  • Foss A.J., Barbosa S., Assessing Computer Security Vulnerability // Operating Systems Review, July 1995, vol. 29, no. 3, pp. 3–13.
  • Clark K., Tyree S., Dawkins J., Hale J. Qualitative and Quantitative Analytical Techniques for Network Security Assessment / Proceedings of the 2004 IEEE Workshop on Information Assurance and Security, June 10-11, 2004, United States Military Academy, West Point, NY, pp. 321–328.
  • Howard M., Pincus J. Wing J. Measuring Relative Attack Surfaces // Computer Security in the 21st Century, D.T. Lee, S.P. Shieh, and J.D. Tygar, editors, Springer, March 2005, 109–137.
  • Hallberg J., Hunstad A., Peterson A. Framework for System Security Assessment / Proceedings of the 2005 IEEE Workshop on Information Assurance, June, 2005, West Point, New York, USA, pp. 224–231.
  • Hallberg J., Hunstad A., Bond A., Peterson M., Pålsson N. System IT Security Assessment, Scientific Report, Swedish Research Agency, Linköping, FOI-R–1468–E, 2004.
  • Gacic D. FSA – Framework for Security Assessment of Distributed Information Systems. Master’s thesis, Royal Institute of Technology, Stockholm, Sweden, 2006.
  • Schudel G., Wood B. Adversary Work Factor as a Metric for Information Assurance / Proceedings of the New Security Paradigm Workshop, September 18-22, 2000, Ireland, 23–30.
  • Swanson M., Bartol N., Sabato J. and Hash J. Security metrics guide for information technology systems. Technical Report NIST Special Publication 800-55, NIST, July 2003.
  • Manadhata P., WingJ. An Attack Surface Metric, Carnegie Mellon University, CMU-CS-05-155, 2005.
  • Chew E, Swanson M., Stine K., Bartol N., Brown A. and Robinson W. Performance Measurement Guide for Information Security. NIST Special Publication 800-55 Revision 1, July 2008.
  • Vaughn R., Henning R., Siraj A. Information Assurance Measures and Metrics – State of Practice and Proposed Taxonomy / Proceedings of the 36th Hawaii International Conference on System Sciences, January 6-9, 2003, Big Island, HI, USA.
  • http://www.commoncriteriaportal.org/cc/
  • Howard M., Fending Off Future Attacks by Reducing Attack Surface, 2003.
  • Jaquith A. Metrics are nifty / Proceedings of the MetriCon 1.0 Workshop in conjunction with the USENIX Association’s Security Symposium, August 1, 2006, Vancouver, British Columbia, Canada. www.securitymetrics.org/content/attach/Metricon1.0/metricon-1.0-presentations.zip
© Institute of Information Technology, 2023 www.ict.az |  secretary@iit.ab.az |  info@science.az
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.