System Assurance: Beyond Detecting Vulnerabilities

System Assurance: Beyond Detecting Vulnerabilities (Paperback)

Nikolai Mansourov (author)
Morgan Kaufmann Pub
68,000 won

Book information

· Title: System Assurance: Beyond Detecting Vulnerabilities (Paperback) (Beyond Detecting Vulnerabilities)
· Category: Foreign books > Computers > Information and communication technology (IT)
· ISBN: 9780123814142
· Pages: 368
· Publication date: 2010-12-06

Table of contents

Contents

1. Why Hackers know more about our systems

1.1 Operating in cyberspace involves risks

1.2 Why Hackers are repeatedly successful

1.2.1 What are the challenges in defending cybersystems?

1.2.1.1 Difficulties in understanding and assessing risks

1.2.1.2 Understanding Development Trends

1.2.1.3 Comprehending Systems’ Complexity

1.2.1.4 Understanding Assessment Practices and their Limitations

1.2.1.5 Vulnerability Scanning Technologies and their Issues

1.3 Where do We Go from Here

1.3.1 Systematic and repeatable defense at affordable cost

1.3.2 The OMG Software Assurance Ecosystem

1.3.3 Linguistic Modeling to manage the common vocabulary

1.4 Who should read this book

2 Chapter: Confidence as a Product

2.1 Are you confident that there is no black cat in the dark room?

2.2 The Nature of Assurance

2.2.1 Engineering, Risk and Assurance

2.2.2 Assurance Case (AC)

2.2.2.1 Contents of an Assurance Case

2.2.2.2 Structure of the Assurance Argument

2.3 Overview of the Assurance Process

2.3.1 Producing Confidence

2.3.1.1 Economics of Confidence

3 Chapter: How to Build Confidence

3.1 Assurance in the System Lifecycle

3.2 Activities of System Assurance Process

3.2.1 Project Definition

3.2.2 Project Preparation

3.2.3 Assurance argument development

3.2.4 Architecture Security Analysis

3.2.4.1 Discover System Facts

3.2.4.2 Threat identification

3.2.4.3 Safeguard Identification

3.2.4.4 Vulnerability detection

3.2.4.5 Security Posture Analysis

3.2.5 Evidence analysis

3.2.6 Assurance Case Delivery

4 Chapter: Knowledge of System as an Element in Cybersecurity argument

4.1 What is system

4.2 Boundaries of the system

4.3 Resolution of the system description

4.4 Conceptual commitment for system descriptions

4.5 System architecture

4.6 Example of an architecture framework

4.7 Elements of System

4.8 System Knowledge Involves Multiple Viewpoints

4.9 Concept of operations (CONOP)

4.10 Network Configuration

4.11 System life cycle and assurance

4.11.1 System life cycle stages

4.11.2 Enabling Systems

4.11.3 Supply Chain

4.11.4 System life cycle processes

4.11.5 The implications to the common vocabulary and the integrated system model

5 Chapter: Knowledge of Risk as an Element of Cybersecurity argument

5.1 Introduction

5.2 Basic cybersecurity elements

5.3 Common vocabulary for risk analysis

5.3.1 Defining discernable vocabulary for Assets

5.3.2 Threats and hazards

5.3.3 Defining discernable vocabulary for Injury and Impact

5.3.4 Defining discernable vocabulary for threats

5.3.5 Threat scenarios and attacks

5.3.6 Defining discernable vocabulary for vulnerabilities

5.3.7 Defining discernable vocabulary for safeguards

5.3.8 Risk

5.4 Systematic Threat Identification

5.5 Assurance Strategies

5.5.1 Injury Argument

5.5.2 Entry point argument

5.5.3 Threat argument

5.5.4 Vulnerability argument

5.5.5 Security requirement argument

5.5.6 Assurance of the threat identification

6 Chapter: Knowledge of Vulnerabilities as an Element of Cybersecurity Argument

6.1 Vulnerability as part of system knowledge

6.1.1 What is Vulnerability

6.1.2 Vulnerability as Unit of Knowledge: The History of Vulnerability

6.1.3 Vulnerabilities and the Phases of the System Life Cycle

6.1.4 Enumeration of Vulnerabilities as a Knowledge Product

6.1.5 Vulnerability Databases

6.1.5.1 US-CERT

6.1.5.2 Open Source Vulnerability Database (OSVDB)

6.1.6 Vulnerability Life Cycle

6.2 NIST Security Content Automation Protocol (SCAP) Ecosystem

6.2.1 Overview of SCAP Ecosystem

6.2.2 Information Exchanges under SCAP

7 Chapter: Vulnerability Patterns as a New Assurance Content

7.1 Beyond Current SCAP Ecosystem

7.2 Vulnerability Patterns

7.3 Software Fault Patterns

7.3.1 Safeguard category of clusters and corresponding Software fault Patterns (SFPs)

7.3.1.1 Authentication

7.3.1.2 Access Control

7.3.1.3 Privilege

7.3.2 Direct Impact category of clusters and corresponding Software fault Patterns (SFPs)

7.3.2.1 Information Leak

7.3.2.2 Memory Management

7.3.2.3 Memory Access

7.3.2.4 Path Resolution

7.3.2.5 Tainted Input

8 Chapter: OMG Software Assurance Ecosystem

8.1 Introduction

8.2 OMG Assurance Ecosystem: towards collaborative cybersecurity

9 Chapter: Common Fact Model for Assurance Content

9.1 Assurance Content

9.2 The Objectives

9.3 Design criteria for information exchange protocols

9.4 Tradeoffs

9.5 Information Exchange Protocols

9.6 The Nuts and Bolts of Fact Models

9.6.1 Objects

9.6.2 Noun Concepts

9.6.3 Facts about existence of objects

9.6.4 Individual concepts

9.6.5 Relations between concepts

9.6.6 Verb concepts

9.6.7 Characteristics

9.6.8 Situational concepts

9.6.9 Viewpoints and views

9.6.10 Information exchanges and assurance

9.6.11 Fact-oriented Integration

9.6.12 Automatic derivation of facts

9.7 The representation of facts

9.7.1 Representing facts in XML

9.7.2 Representing facts and schemes in Prolog

9.8 The common schema

9.9 System assurance facts

10 Chapter: Linguistic Models

10.1 Fact Models and Linguistic Models

10.2 Background

10.3 Overview of SBVR

10.4 How to use SBVR

10.4.1 Simple vocabulary

10.4.2 Vocabulary Entries

10.4.3 Statements

10.4.4 Statements as formal definitions of new concepts

10.4.4.1 Definition of a Noun Concept

10.4.4.2 Definition of a Verb Concept

10.4.4.3 The General Concept caption

10.5 SBVR Vocabulary for describing Elementary Meanings

10.6 SBVR Vocabulary for describing Representations

10.7 SBVR Vocabulary for describing Extensions

10.8 Reference schemes

10.9 SBVR Semantic Formulations

10.9.1 Defining new terms and facts types using SBVR

11 Chapter: Standard Protocol for Exchanging System Facts

11.1 Background

11.2 Organization of the KDM vocabulary

11.2.1 Infrastructure Layer

11.2.2 Program Elements Layer

11.2.3 Resource Layer

11.2.4 Abstractions Layer

11.3 The process of discovering system facts

11.4 Discovering the baseline system facts

11.4.1 Inventory views

11.4.1.1 Inventory Viewpoint vocabulary in SBVR

11.4.2 Build Views

11.4.3 Data views

11.4.4 UI views

11.4.5 Code views

11.4.5.1 Code views: Elements of Structure

11.4.5.2 Code views: Elements of Behavior

11.4.5.3 Micro KDM

11.4.6 Platform views

11.4.7 Event views

11.5 Performing architecture analysis

11.5.1 Structure Views

11.5.2 Conceptual Views

11.5.2.1 Linguistic Viewpoint

11.5.2.2 Behavior Viewpoint

12 Chapter: Case Study

12.1 Introduction

12.2 Background

12.3 Concepts of operations

12.3.1 Executive summary

12.3.2 Purpose

12.3.3 Locations

12.3.4 Operational Authority

12.3.5 System Architecture

12.3.5.1 Clicks2Bricks Web server

12.3.5.2 Database server

12.3.5.3 SMTP server

12.3.6 System Assumptions

12.3.7 External dependencies

12.3.8 Implementation Assumptions

12.3.9 Interfaces with Other Systems

12.3.10 Security assumptions

12.3.11 External Security Notes

12.3.12 Internal Security notes

12.4 Business vocabulary and security policy for Clicks2Bricks in SBVR

12.5 Building the integrated system model

12.5.1 Building the baseline system model

12.5.2 Enhancing the baseline model with the system architecture facts

12.6 Mapping cybersecurity facts to system facts

12.7 Assurance case

About the author

Nikolai Mansourov (author)
Book database provided by: Aladin Bookstore (www.aladin.co.kr)