Automated Security Management.
By: Al-Shaer, Ehab.
Contributor(s): Ou, Xinming | Xie, Geoffrey.Material type: TextSeries: eBooks on Demand.Publisher: Dordrecht : Springer, 2013Description: 1 online resource (185 p.).ISBN: 9783319014333.Subject(s): Computer networks -- Security measures -- Standards | Computer security -- Management | Data protection -- StandardsGenre/Form: Electronic books.Additional physical formats: Print version:: Automated Security ManagementDDC classification: 004.6 LOC classification: QA76.9 .A25Online resources: Click here to view this ebook.
|Item type||Current location||Call number||URL||Status||Date due||Barcode|
|Electronic Book||UT Tyler Online Online||QA76.9 .A25 (Browse shelf)||http://uttyler.eblib.com/patron/FullRecord.aspx?p=1538876||Available||EBL1538876|
Preface; Contents; Part I Configuration Modeling and Checking; 1 Towards a Unified Modeling and Verification of Network and System Security Configurations; 1.1 Introduction; 1.2 Framework Overview; 1.3 Network Model; 1.3.1 State Representation; 1.3.2 Network Devices; 1.4 Application Layer Model; 1.4.1 Application Layer Access-Control; 1.4.2 State Representation; 1.5 Querying the Model; 1.5.1 Model Checking; 1.5.2 Query Structure and Features; 1.5.3 Example Properties; 1.6 Evaluation; 1.7 Related Work; 1.8 Conclusion; References
2 Modeling and Checking the Security of DIFC SystemConfigurations2.1 Introduction; 2.2 Preliminaries; 2.2.1 Tags and Labels; 2.2.2 Capabilities; 2.2.3 Declassification; 2.2.4 Configuration and Security Policy; 2.3 Threat Model; 2.4 Formal Model; 2.4.1 DIFC Configuration Schemes; 220.127.116.11 States; 18.104.22.168 State Transition Rules; 22.214.171.124 Properties; 2.4.2 Security Analysis Problem for DIFC Configuration; 2.5 Our Approach; 2.5.1 Model Checking; 2.5.2 Preprocessing; 2.6 Experiment and Evaluation; 2.7 Discussion; 2.8 Related Works; 2.8.1 Decentralized Information Flow Control
2.8.2 Security Analysis of Access Control2.9 Conclusion; References; Part II Vulnerability and Risk Assessment; 3 Increasing Android Security Using a Lightweight OVAL-Based Vulnerability Assessment Framework; 3.1 Introduction; 3.2 Related Work; 3.3 Vulnerability Assessment Process Model; 3.4 An OVAL-Based Framework for Assessing Android Vulnerabilities; 3.4.1 Architecture and Main Components; 3.4.2 Optimized Assessment Strategy; 3.5 Implementation Prototype; 3.6 Performance Evaluation; 3.6.1 Analytical Evaluation; 3.6.2 Technical Experimentation; 3.7 Conclusions and Future Work; References
4 A Declarative Logic-Based Approach for Threat Analysis of Advanced Metering Infrastructure4.1 Introduction; 4.2 Background and Challenges; 4.2.1 AMI System Complexity; 4.2.2 Potential Threats in AMI; 4.3 AMISecChecker Architecture; 4.4 AMI Configuration Model; 4.4.1 AMI Physical Components; 4.4.2 AMI Network Topology; 4.4.3 AMI Data Delivery Modes; 4.4.4 Miscellaneous Modeling; 4.5 AMI Threat Analysis; 4.5.1 AMI Configuration Analysis; 126.96.36.199 Reachability Analysis; 188.8.131.52 Data Delivery Analysis; 184.108.40.206 Schedule Misconfiguration Analysis; 4.5.2 AMI Security Control Analysis
220.127.116.11 Analyzing DoS Attacks18.104.22.168 Analyzing Violation of Boundary Protection; 22.214.171.124 Miscellaneous Threat Analysis; 4.6 Implementation and Evaluation; 4.6.1 Efficacy; 4.6.2 Scalability; 4.7 Related Work; 4.8 Conclusion; References; 5 Risk Based Access Control Using Classification; 5.1 Introduction; 5.2 Preliminaries; 5.2.1 RBAC; 5.2.2 Classification; 5.3 Risk Based Access Control; 5.3.1 Risk Based Permission Authorization; 5.3.2 Risk Based Authorization of Roles; 5.4 Experimental Evaluation; 5.4.1 Risk-Based Permission Authorization; 5.4.2 Risk-Based Role Authorization; 5.5 Related Work
In this contributed volume, leading international researchers explore configuration modeling and checking, vulnerability and risk assessment, configuration analysis, and diagnostics and discovery. The authors equip readers to understand automated security management systems and techniques that increase overall network assurability and usability. These constantly changing networks defend against cyber attacks by integrating hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. Automated Security Managemen
Description based upon print version of record.