Back to Search Start Over

Forensic Analysis of Risks in Enterprise Systems.

Authors :
Stephenson, Peter
Source :
Information Systems Security. Sep/Oct2004, Vol. 13 Issue 4, p11-21. 11p.
Publication Year :
2004

Abstract

This paper discusses a novel technique that manages risks to an enterprises in terms of how well hardened the enterprise is against attack. Using the concept of formal analysis of covert channels between security policy domains, The Forensic Analysis of Risks in Enterprise Systems process addresses threats, vulnerabilities, impacts and countermeasures from the perspective of forensic analysis of target enterprises responding to various threat models. The process for Forensic Analysis of Risks in Enterprise System was described. It is feasible to conduct a risk-based analysis of an enterprise network by modeling the interactions of its security policy domains both with each other and in response to a set of threat against them. Some of the benefits realized from applying this type of analysis instead of applying brute-force testing was outlined.

Subjects

Subjects :
*INFORMATION technology
*INFORMATION resources management
*COMPUTER security
*SECURITY systems
*RISK assessment
*COMMUNICATION

Details

Language :
English
ISSN :
1065898X
Volume :
13
Issue :
4
Database :
Academic Search Index
Journal :
Information Systems Security
Publication Type :
Periodical
Accession number :
14451623
Full Text :
https://doi.org/10.1201/1086/44640.13.4.20040901/83728.3
Full Text Access
View/download PDF

Tools

Authors Abstract Subjects Details