null
US
Iniciar Sesión
Regístrate Gratis
Registro
Hemos detectado que no tienes habilitado Javascript en tu navegador. La naturaleza dinámica de nuestro sitio requiere que Javascript esté habilitado para un funcionamiento adecuado. Por favor lee nuestros
términos y condiciones
para más información.
Siguiente
Copiar y Editar
¡Debes iniciar sesión para completar esta acción!
Regístrate gratis
356140
U4. Security Models & Policy
Descripción
Masters Comp Sec Mapa Mental sobre U4. Security Models & Policy, creado por Craig Parker el 13/11/2013.
Sin etiquetas
comp sec
comp sec
masters
Mapa Mental por
Craig Parker
, actualizado hace más de 1 año
Más
Menos
Creado por
Craig Parker
hace más de 10 años
32
0
0
Resumen del Recurso
U4. Security Models & Policy
Policy
Policy= captures the requirements and describes the steps to be taken to achieve security
Organisatonal Security Policy
Rules that regulate how an organisation manages security
Must be well defined
Automated Security Policy
Restrictions & properties that specify how a computing system prevents violations of the organisational security policy
Models
Models = an 'idealised' implementation of an organisation’s security policy.
Models enforce the Access Control Structure policy and ensure "need to know"
Models allow formal validation of your implementation against the security policy. Benchmarking
Can be used to illustrate the Fundamental Design Principles
State Machine Model (automaton)
an abstract model that records relevant features of a system (IE: its security) at a particular point in tim
A state may change to another state at some later point in time, triggered possibly by a clock or some input event
movement from one state to another is known as a transition
the more states you try capture, the more complicated the model will become (more difficult to analyse).
Basic Security Theorem
If we can do these 3 things then we know that 'security' is preserved by all transitions and so the system will always be secure
1. Define the State Set so that it captures some aspect of 'security
2. Check that every state transition that begins in a 'secure' state ends in a 'secure' state
3. Check that the initial state of the system is 'secure'.
Ensure you define what "secure" is!
Mostrar resumen completo
Ocultar resumen completo
¿Quieres crear tus propios
Mapas Mentales
gratis
con GoConqr?
Más información
.
Similar
U2.1 Comp Sec: deals with prevention & detection of unauthorised actions by users of a comp system
Craig Parker
U3.2 Access Control Structures
Craig Parker
U3. Labels & Access Control
Craig Parker
U2.2 Fundamentals
Craig Parker
U3.1 Access Control
Craig Parker
U3.3 Administration
Craig Parker
U4. Bell-LaPladula
Craig Parker
U4. Biba
Craig Parker
U4. Further Aspects of BLP
Craig Parker
U4. Harrison–Ruzzo–Ullman
Craig Parker
U4. Chinese Wall
Craig Parker
Explorar la Librería