J. D. Howard and T. A. Longstaff, "A common language for computer security incidents," Sandia National Laboratories, Sandia Report SAND98-8667, October 1998.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....is to be used in discussing network security inc idents and survivability. Many alternative terms have been used, and here we follow the attempt to develop a common language for computer security incidents Howard and Longstaff define a number of terms, in particular, an attack and an incident [Howard 98] An attack is defined as a series of intentional steps taken by an attacker to achieve an unauthorized result. An incident is defined as a group of related attacks that can be distinguished from other attacks because of the distinctiveness of the attackers, attacks, objectives, sites, and ....

Howard, J. & Longstaff, T. A Common Language for Computer Security Incidents. (SAND98-8667) Livermore, CA: Sandia National Laboratories, 1998.

....the concepts were made by the members of the Survivable Systems Working Group: Gwen Walton, University of Central Florida; Ann Sobel, Miami University of Ohio; and Alan Hevner, University of South Florida. The authors gratefully acknowledge the suggestions provided by Tom Longstaff, Bob Ellison, Howard Lipson, and Nancy Mead. vi CMU SEI 2001 TR 029 CMU SEI 2001 TR 029 vii Abstract Survivability is a new branch of dependability. It addresses explicit requirements for restricted modes of operation that preserve mission critical essential services in adverse operational environments. A survivable system is one that satisfies its ....

Howard, J. & Longstaff, T. A Common Language for Computer Security Incidents (SANDIA Report SAND98-8867). Livermore, CA: Sandia National Laboratories, October

....with no event. The POSTCOND section. In this section, what has been obtained by the attacker is expressed. Most of the time, it is an increased level of privilege (cf line 62) It could also be disclosure of information, corruption of information, denial of service, or theft of resources [7]. Moreover, as proposed by a reviewer, these last goals could be re ned in order to express more speci c gains, which could be subgoals in chain of attacks. For example, we could add changes in con guration, impersonation, injection of false data, creation of a backdoor, etc. ADeLe: an Attack ....

J. D. Howard and T. A. Longsta. A common language for computer security incidents. Technical Report SAND98-8667, Sandia National Laboratories, October 1998.

....[Howard 95, Fisher 99, Ellison 97, Linger 98] One of the key issues is the taxonomy that is to be used in discussing network security incidents and survivability. Many alternative terms have been used, and here we follow the attempt to develop a common language for computer security incidents [Howard 98] This language defines a number of terms, in particular, an attack and an incident. An attack is defined as a series of intentional steps taken by an attacker to achieve an unauthorized result. An incident is defined as a group of related attacks that can be distinguished from other attacks ....

Howard, J.& Longstaff, T. A Common Language for Computer Security Incidents. (SAND98-8667). Livermore, CA: Sandia National Laboratories, 1998.

No context found.

J. D. Howard and T. A. Longstaff, "A common language for computer security incidents," Sandia National Laboratories, Sandia Report SAND98-8667, October 1998.

No context found.

J. Howard and T. Longstaff. A common language for computer security incidents. Sandia Report SAND98-8667, Oct. 1998.

No context found.

J. Howard and T. Longstaff. A common language for computer security incidents. Technical Report SAND98-8667, SNL, 1998.

No context found.

J. D. Howard and T. A. Longsta#. A common language for computer security incidents.

No context found.

J. D. Howard and T. A. Longsta#. A common language for computer security incidents.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC