Models and Tools for Quantitative Assessment of Operational Security

This paper proposes a novel approach to help computing system administrators in monitoring the security of their systems. The approach is based on modeling the system as a privilege graph exhibiting operational security vulnerabilities and on transforming this privilege graph into a Markov chain corresponding to all possible successful attack scenarios. A set of tools has been developed to support this approach and to provide automatic security evaluation of Unix systems in operation.

By: M. Dacier, Y. Deswarte (CNRS, France) and M. Kaaniche (CNRS, France)

Published in: Information Systems Security, ed. by S.K. Katsikas and D. Gritzalis. , London, Chapman & Hall, p.179-86 in 1996

Please obtain a copy of this paper from your local library. IBM cannot distribute this paper externally.

Questions about this service can be mailed to .