null
US
Entrar
Registre-se gratuitamente
Registre-se
Detectamos que o JavaScript não está habilitado no teu navegador. Habilite o Javascript para o funcionamento correto do nosso site. Por favor, leia os
Termos e Condições
para mais informações.
Próximo
Copiar e Editar
Você deve estar logado para concluir esta ação!
Inscreva-se gratuitamente
356140
U4. Security Models & Policy
Descrição
Masters Comp Sec Mapa Mental sobre U4. Security Models & Policy, criado por Craig Parker em 13-11-2013.
Sem etiquetas
comp sec
comp sec
masters
Mapa Mental por
Craig Parker
, atualizado more than 1 year ago
Mais
Menos
Criado por
Craig Parker
mais de 10 anos atrás
32
0
0
Resumo de Recurso
U4. Security Models & Policy
Policy
Policy= captures the requirements and describes the steps to be taken to achieve security
Organisatonal Security Policy
Rules that regulate how an organisation manages security
Must be well defined
Automated Security Policy
Restrictions & properties that specify how a computing system prevents violations of the organisational security policy
Models
Models = an 'idealised' implementation of an organisation’s security policy.
Models enforce the Access Control Structure policy and ensure "need to know"
Models allow formal validation of your implementation against the security policy. Benchmarking
Can be used to illustrate the Fundamental Design Principles
State Machine Model (automaton)
an abstract model that records relevant features of a system (IE: its security) at a particular point in tim
A state may change to another state at some later point in time, triggered possibly by a clock or some input event
movement from one state to another is known as a transition
the more states you try capture, the more complicated the model will become (more difficult to analyse).
Basic Security Theorem
If we can do these 3 things then we know that 'security' is preserved by all transitions and so the system will always be secure
1. Define the State Set so that it captures some aspect of 'security
2. Check that every state transition that begins in a 'secure' state ends in a 'secure' state
3. Check that the initial state of the system is 'secure'.
Ensure you define what "secure" is!
Quer criar seus próprios
Mapas Mentais
gratuitos
com a GoConqr?
Saiba mais
.
Semelhante
U2.1 Comp Sec: deals with prevention & detection of unauthorised actions by users of a comp system
Craig Parker
U3.2 Access Control Structures
Craig Parker
U3. Labels & Access Control
Craig Parker
U2.2 Fundamentals
Craig Parker
U3.1 Access Control
Craig Parker
U3.3 Administration
Craig Parker
U4. Bell-LaPladula
Craig Parker
U4. Biba
Craig Parker
U4. Further Aspects of BLP
Craig Parker
U4. Harrison–Ruzzo–Ullman
Craig Parker
U4. Chinese Wall
Craig Parker
Explore a Biblioteca