SlideShare a Scribd company logo

ISSA Journal September 2008Article Title Article Author.docx

Download as DOCX, PDF
B
bagotjesusa

ISSA Journal | September 2008Article Title | Article Author 1�1� ISSA The Global Voice of Information Security Extending the McCumber Cube to Model Network Defense By Sean M. Price – ISSA member Northern Virginia, USA chapter This article proposes an extension to the McCumber Cube information security model to determine the best countermeasures to achieve a desired security goal. Confidentiality, integrity, and availability are the se-curity services of a system. In other words they are the security goals of system defense, intangible at- tributes� providing assurances for the information protected. Each service is realized when the appropriate countermea- sures for a given information state are in place. But, it is not enough to select countermeasures ad hoc. Countermeasures should be selected to defend a system and its information against specific types of attacks. When attacks against partic- ular information states are considered, the necessary coun- termeasures can be selected to achieve the desired security service or goal. This article proposes an extension to the Mc- Cumber Cube information security model as a way for the security practitioner to consider the best countermeasures to achieve the desired security goal. Security models Models are useful tools to help understand complex topics. A well-developed model can often be represented graphically, allowing a deeper understanding of the relationships of the components that make the whole. A formal security model is broadly applicable and rigorously developed using formal methods.2 In contrast, an informal model is considered lack- ing one or both of these qualities. There are a variety of in- formal models in the information security world which are regularly used by security practitioners to understand basic information and concepts. � Security goals often lack explicit definitions and are difficult to quantify. They are usually based on policies with broad interpretations and tend to be qualitative. It is true that security goals emerge from the confluence of information states and coun- termeasures which have measurable attributes. But, the subjective nature of security goals combined with informal modeling characterizes their attributes as intangible. 2 P. T. Devanbu and S. Stubblebine, “Software Engineering for Security: A Roadmap,” Proceedings of the Conference on The Future of Software Engineering (2000), 227-239. One such informal model is the generally accepted risk as- sessment framework. This model is used to assess risk by estimating asset values, vulnerabilities, threats with their likelihood of exploiting a vulnerability, and losses. Figure � illustrates this model. Note that this commonly used model requires a substantial amount of estimating on the part of the risk assessment participants. This is problematic when reliable estimates cannot be obtained. Another problem with this model is that it does not guide th.

Education
1 of 24
ISSA Journal | September 2008Article Title | Article Author 1�1� ISSA The Global Voice of Information Security Extending the McCumber Cube to Model Network Defense By Sean M. Price – ISSA member Northern Virginia, USA chapter This article proposes an extension to the McCumber Cube information security model to determine the best countermeasures to achieve a desired security goal. Confidentiality, integrity, and availability are the se-curity services of a system. In other words they are the security goals of system defense, intangible at- tributes� providing assurances for the information protected. Each service is realized when the appropriate countermea- sures for a given information state are in place. But, it is not enough to select countermeasures ad hoc. Countermeasures should be selected to defend a system and its information against specific types of attacks. When attacks against partic- ular information states are considered, the necessary coun- termeasures can be selected to achieve the desired security service or goal. This article proposes an extension to the Mc- Cumber Cube information security model as a way for the security practitioner to consider the best countermeasures to achieve the desired security goal.
Security models Models are useful tools to help understand complex topics. A well-developed model can often be represented graphically, allowing a deeper understanding of the relationships of the components that make the whole. A formal security model is broadly applicable and rigorously developed using formal methods.2 In contrast, an informal model is considered lack- ing one or both of these qualities. There are a variety of in- formal models in the information security world which are regularly used by security practitioners to understand basic information and concepts. � Security goals often lack explicit definitions and are difficult to quantify. They are usually based on policies with broad interpretations and tend to be qualitative. It is true that security goals emerge from the confluence of information states and coun- termeasures which have measurable attributes. But, the subjective nature of security goals combined with informal modeling characterizes their attributes as intangible. 2 P. T. Devanbu and S. Stubblebine, “Software Engineering for Security: A Roadmap,” Proceedings of the Conference on The Future of Software Engineering (2000), 227-239. One such informal model is the generally accepted risk as- sessment framework. This model is used to assess risk by estimating asset values, vulnerabilities, threats with their likelihood of exploiting a vulnerability, and losses. Figure � illustrates this model. Note that this commonly used model requires a substantial amount of estimating on the part of
the risk assessment participants. This is problematic when reliable estimates cannot be obtained. Another problem with this model is that it does not guide the participants on how best to secure risky aspects of the system. By extending the McCumber Cube, another informal security model, this ar- ticle will discuss one way to reduce reliance on inexact esti- mates and improve risk by focusing the assessment on attacks while deriving explicit countermeasures. McCumber Cube model John McCumber developed the McCumber Cube as a way to model risk management.3 This model provides the security practitioner with a means to graphically evaluate and man- age risk for a system (see Figure 2). Viewing the cube from different angles provides a security practitioner with a way to consider risk from different per- spectives. The three primary aspects of the cube involve: 3 J. McCumber, Assessing and Managing Security Risk in IT Systems: A Structured Meth- odology (Boca Raton, FL: Auerbach, 2004). Information States Security Goals Co un ter me as ur
es Transmission Te ch no lo gy Po lic ie s & P ra ct ic e Pe op le Con fid en tia
lity Int eg rity Ava ila bil ity Storage Processing Asset x Estimated Value Vulnerability x Likelihood Threat x Likelihood Estimated Loss
Risk+ + X = Figure 2 – McCumber Cube Figure 1 – Risk Assessment Model ISSA Journal | September 2008 1� Information states – These represent the various forms in which information can be found within a system. Informa- tion is the fundamental aspect of what it is that must be pro- tected. Processing – Information held in volatile memory or currently manipulated through the processor Storage – This generally refers to non-volatile storage such as files on hard drives or backup media Transmission – Information transiting network me- dia Countermeasures – These are elements which can be used to defend a system from attack, which can be used to protect information in its various states. People – All individuals associated with a system to include administrators and users Policies and practices – Documented policies and pro- cedures used to guide people interacting with the
system; work flows, separation of duties, and least privilege Technology – Hardware and software which comprise the system such as operating systems, applications, networking devices, and security tools Security services – These are the ultimate security goals of a system. They are not concrete but intangible. Confidentiality – Protecting information from an un- authorized or unintended disclosure Integrity – A quality which prevents the unauthorized alteration or destruction of information Availability – The ability to retrieve requisite infor- mation in a timely manner for an authorized user The McCumber Cube can be used by selecting a desired se- curity service and considering what countermeasures must be implemented to protect the affected information states. For example, suppose we need to defend a network against all compromises to information confidentiality. An approach would be to begin enumerating all the different types of con- trols which could be used to protect information confidenti- ality for each of the information states. Some of these items would include: Encryption – Protects information at rest or in tran- sit Antivirus – Identifies malicious code which might steal and retransmit information Periodic port scanning – Identifies unauthorized or
suspicious ports within the system Identification and authentication – Used to support access control and accountability for information ac- cessed Vulnerability scanning – Identifying exploitable weaknesses in the system • • • • • • • • • • • • • •
Incident response – Procedures used to respond to confidentiality breaches Configuration management – Ensuing appropriate access controls are implemented to protect informa- tion from unauthorized access System documentation – Identifies all countermea- sures in place to protect information confidentiality within the network Awareness training – Informing users of their re- sponsibilities to protect information from exposure as well as escalation of suspected or actual informa- tion exposures Extending the McCumber Cube Managing from such an abstract list is daunting at best. Even when the list is subdivided according to the countermeasures it can still be difficult to decide if all of the necessary counter- measures are in place. Achieving a more granular approach requires a minimization of the view from all three informa- tion states to each individually. This reduction allows the se- curity practitioner to focus on the risk implications associ- ated with the implementation of countermeasures for a given information state and a particular security service. One way to consider the appropriateness and completeness of a countermeasure is to match it with attacks which might be used against the system. In this way, a risk-based decision can be made regarding each possible attack and the types of countermeasures which might best be used as a basis for de- fense. A graphical representation of this concept is given in Figure 3. Here we see that an individual attack for a particu- lar information state is combined with the appropriate coun-
termeasures. When these three items are properly merged the applicable security concept is implied. Although this concept reduces the total view of the McCum- ber Cube, it simultaneously extends its functional aspects. Extensions of the McCumber Cube are not new. The Infor- mation Assurance Model extends the McCumber Cube by adding the security services of authentication and non-repu- diation.4 It also adds the dimension of time as a consideration for risk-based activities for information assurance. Security practitioners are encouraged to seek new ways to view exist- ing paradigms. Reducing the scope of the view of the McCumber Cube can enhance risk-based decisions for the countermeasures need- ed to protect against specific attacks. The elements in Figure 3 are defined as follows: 4 W. V. Maconachy, C. D. Schou, D. Ragsdale, and D. Welch, “A Model for Information Assurance: An Integrated Approach,” Proceedings of the IEEE Workshop on Information Assurance and Security (200�), 30�-3�0. • • • • Extending the McCumber Cube to Model Network Defense | Sean M. Price Counter-
measures Security Goal Information StateAttack + + Figure � – Proposed Extension to McCumber Cube ISSA Journal | September 2008 1� Extending the McCumber Cube to Model Network Defense | Sean M. Price Attacks – A particular technique ex- ploiting a system weakness Information states – What it is that needs to be protected Countermeasures – Those things which can be implemented to defend the network – it is important to note that a weakness presented in one of the associated countermeasures could reduce the ability to achieve the stated security goal Security services – The goal achieved when attacks to a given information state are mitigated with the iden- tified countermeasures
The model created by McCumber does not require the use of three types of countermeasures. This provides the model user with flexibility. However, this is not an advisable prac- tice. Ideally, a system is designed with appropriate defense- in-depth to enable a security service to continue when a par- ticular countermeasure fails. The extension proposed in this article requires the security practitioner to identify controls for each of the countermeasure classes of people, policies and practices, as well as technology. Model extension use scenarios The following scenarios consider a strategy which enables each of the three security services. Each focuses on the trans- mission information state regarding network defense. Given a particular attack, potential countermeasures are selected which supports the implication that the security service is in effect. A security practitioner could easily compile this in- formation into a table as a form of reference for a given sys- tem. Each scenario is accompanied by a table to illustrate this point. Confidentiality on the network Sensitive information commonly transits many networks. Multitudes of threat agents actively seek to capture sensitive information. Preventing the unauthorized or unintentional exposure of sensitive information is an important part of the security program of many organizations. Figure 4 illustrates Sniffers as a type of attack tool which could be mitigated with select countermeasures. Attack: Sniffers used to record network traffic.5 Countermeasures: Technology – Encryption is used to protect informa- tion from an unintended exposure. This may involve
5 Z. Trabelsi and H. Rahmani, “Detection of sniffers in an Ethernet network,” Lecture Notes in Computer Science, 3225 (2004), �70-�82. • • • • • encryption between network nodes or other imple- mentation such as those which are file-based to en- able protection. Policies and practices – Cryptographic key manage- ment is necessary to ensure only those authorized ac- cess to the information are allowed to decrypt it. People – Users should be trained on what information should be transmitted through encrypted channels and how it should be accomplished. Clearly, encryption is an excellent choice to use when protect- ing the confidentiality of information transmitted through a network. However, encryption is of little use if keys are not properly managed and people are not aware of its appropriate use. Table � lists the elements of Figure 4. Integrity for network information Information traversing a network might be modified in tran- sit. Encryption provides an excellent means to detect modi-
fication to the information. However, encryption is not the best control to use in every circumstance. In this scenario an attacker uses ARP spoofing to redirect traffic. This allows an attacker the ability to redirect traffic to a particular network node where data packets could be manipulated. Figure 5 il- lustrates the aspects of this scenario. Attack: ARP spoofing is a known method facilitating net- work traffic redirection.6 Countermeasures: Technology – Scanning tools configured to look for peculiar ports and unauthorized duplicate MAC ad- dresses is essential. Tools which conduct reverse ARP evaluations are the best to use. Policies and practices – The scanning should be con- ducted periodically. Automated scans are best. How- ever, the results of any scan will need to be regularly evaluated. People – Administrators and security personnel should be trained on the use of the tools and tech- niques necessary to investigate suspicious activity. 6 S. J. Templeton and K. E. Levitt, “Detecting Spoofed Packets,” Proceedings of the DAR- PA Information Survivability Conference and Exposition, 1 (2003), �64-�75. • • •
• • Attack Vector Information State Countermeasures Security Goal Technology ___________________ Policy ________________________ People _______________________ _______________ _______________ _______________ Encryption Key Management Training Sniffer Transmission Confidentiality Port Scanning Periodic Scans Investigators IntegrityTransmissionARP Spoofing + + Encryption Key Mgmt. Training ConfidentialityTransmissionSniffer + + Figure 4 – Confidentiality Model Extension
Table 1 – Sniffer against Transmission Figure � – Integrity Model Extension ISSA Journal | September 2008 1� Attacks against network integrity, such as those using ARP spoofing, are interesting problems which might seem unlike- ly to occur. However, consider the possibilities of attacks such as pharming against network information integrity.7 Unau- thorized changes to dynamic naming servers (DNS), hosts files, and networking device configurations are similar in af- fect to ARP spoofing. Each of these could be used to redirect traffic to locations where the information could be tampered with or removed entirely form the system. Although the outcome is likely to be the same, different countermeasures would need to be considered for each aforementioned case since the target methodology is different. Table 2 shows the aspects of Figure 5. Network availability The inability to access information resources reduces the usefulness of a system. In some situations a lack of availability can directly affect the viability of an organization. At- tacks which prevent users from accessing information resources in a timely manner are a continuing problem. Defending against a denial of service (DOS) attack is not always simple. Detection of these types of attacks is an important capability needed to preserve the availability of many information systems. Figure 6 presents one approach
which can be used to counteract DOS attacks. Attack: DOS prevents timely access to information or sys- tems. Countermeasures: Technology – Intrusion detection can be used to iden- tify events indicative of a DOS attack. Policies and practices – Processes and procedures should be documented and regularly followed to identify DOS activity. People – Individuals need to be trained to effectively use intrusion detection tools and interpret their out- put. Incident response skills will also be needed to re- spond to actual DOS events. Those assigned tasks to 7 A. Emigh, “Phising Attacks: Information Flow and Chokepoints,” in M. Jakobsson and S. Myers (eds.), Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft, pp. 3�-63 (Hoboken, NJ: John Wiley and Sons, 2007). • • • identify and respond to DOS activity should periodically practice incident response ac- tivities.
In the information security realm detection must always be used when prevention can- not. But, is it necessary to also detect when preventative measures are implemented? The answer is a re- sounding, yes! Due to the possibility that a countermeasure might be bypassed or fail, detection must always continue. The most likely source of a DOS will come from outside of an organization. Firewalls are tools which are an acceptable countermeasure against a DOS attack.8 However, these tools are of little use when the attack originates from inside a pro- tected enclave. The pervasiveness of Trojan horses and bots allows attackers to launch any assault they desire.9 As such, internal monitoring for a DOS will still be needed. Although detection must be used when prevention cannot, it should also be implemented when prevention is in place because it is unlikely that the preventative controls will be absolute. No tool or solution is a silver bullet which solves all associated security problems. Table 3 lists the considerations of the at- tack and the countermeasures selected for the information state and security goal. These scenarios demonstrate a means to designate poten- tial countermeasures for a given attack. The examples listed should not be interpreted to be fully inclusive. A complete solution requires a careful evaluation of the environment which may reveal multiple areas which need countermea- sures. Minimally, at least one countermeasure for technol- ogy, operations, and people should be implemented as a way to achieve defense-in-depth.�0 Extension used with risk assessments The primary purpose of this article is to discuss an exten- sion to the McCumber Cube which associates a specific attack with a selected information state and particular security ser-
vice. This new model could also be used in a risk framework to ascertain the level of risk present for any given situation in a network environment. Figure 7 suggests that perceived threats coupled with their likelihood with this McCumber Cube extension could be used to evaluate system risk. 8 C. L. Schuba, I. V. Krusl, M. G. Kuhn, E. H. Spafford, A. Sundaram, and D. Zamboni, “Analysis of a Denial of Service Attack on TCP,” Proceedings of the 1997 IEEE Sympo- sium on Security and Privacy (�997), 208-223. 9 D. Geer, “Malicious Bots Threaten Network Security,” Computer, 38(�) (2005), �8-20. �0 “Defense in Depth: A practical strategy for achieving Information Assurance in to- day’s highly networked environments” (2008). Retrieved July �, 2008, from www.nsa. gov/snac/support/defenseindepth.pdf. Extending the McCumber Cube to Model Network Defense | Sean M. Price Attack Vector Information State Countermeasures Security Goal Technology ___________________ Policy ________________________ People _______________________ _______________ _______________ _______________ Port scanning
Periodic scans Investigators ARP Spoofing Transmission Integrity Attack Vector Information State Countermeasures Security Goal Technology ___________________ Policy ________________________ People _______________________ _______________ _______________ _______________ Intrusion detection Monitoring Incident response Denial of Service Transmission Availability Intrusion Detect. Monitoring Incident Resp. AvailabilityTransmissionDenial of Service + + Table 2 – ARP Spoofing against Transmissions Figure � – Availability Model Extension
Table � – Denial of Service against Transmissions ISSA Journal | September 2008 18 preferable. Often the estimates used in risk assessments have little research or quantitative results to support their asser- tions. The extension expressed in this article minimizes the estimates and focuses the risk assessment on explicit coun- termeasures for a specific threat. Conclusion Using models is one way to consider methods to defend a net- work. The McCumber Cube is a robust, yet informal, model which provides a security practitioner with a graphical means to understand and evaluate system risk. This article proposed an extension to the McCumber Cube which can be used to as- sociate security services, countermeasures, and information states with specific attacks. Using this type of model allows a more discrete identification of countermeasures needed to defend a network against specific types of attack. It can also be used as a new way to evaluate risk in a system. About the Author Sean M. Price, CISA, CISSP, is an inde- pendent security researcher and consultant living in northern Virginia. He specializes in designing and evaluating organizational information assurance programs and system security architec- tures. Research interests include insider threat, information flows, and applications of artificial intelligence to information assurance problems. Prior publications include the Informa-
tion Security Management Handbook, Official (ISC)2 Guide to the CISSP CBK, IEEE Computer magazine, as well as other journals and conferences. You can reach him at [email protected] tinel-consulting.com. The proposed extension to the McCumber cube takes risk as- sessment from a different angle. Why not consider specific threats and the estimate of their likelihood and then identify countermeasures that should be in place to defend against them. A lack of existing countermeasures from a defense-in- depth perspective (which is a vulnerability) equates to more risk for the system. Risk assessments do not generally con- sider countermeasures in the equation. Perhaps this is an in- tuitive exercise on the part of the assessors, but existing mod- els in the literature seldom discuss it in detail. Popular risk assessment models often include too many estimates which devalues their worth. A model which is closer to a state of reality as opposed to something which relies on estimates is Extending the McCumber Cube to Model Network Defense | Sean M. Price Counter- measures Security Goal Information StateAttack + + Threat +
Likelihood + Risk www.issa.org/Members/Webcasts.html for on demand webcasts: ISSA/ISACA Webinar-DNS Security: New Threats, Immediate Responses, Long Term Outlook Understanding Employee Behavioral Profiles to Stop Insider Threats Sponsored by: Raytheon Oakley Systems Roles-Based Access Governance: Best Practices for Practitioners Sponsored by: Aveksa www.aveska.com Key Steps to Securing Your Organization and Evicting a Hacker Sponsor: Foundstone Professional Services (a division of McAfee) www.ISSA.org/Resources.html — ISSA Member Resources Webcasts Figure � – Model Extension with Risk Assessment Popular risk assessment models often include too many estimates which devalues their worth.
ISSA Journal September 2008Article Title Article Author.docx

Recommended

A predictive framework for cyber security analytics using attack graphs
A predictive framework for cyber security analytics using attack graphsA predictive framework for cyber security analytics using attack graphs
A predictive framework for cyber security analytics using attack graphsIJCNCJournal
 
Predictive cyber security
Predictive cyber securityPredictive cyber security
Predictive cyber securitycsandit
 
PREDICTIVE CYBER SECURITY ANALYTICS FRAMEWORK: A NONHOMOGENOUS MARKOV MODEL F...
PREDICTIVE CYBER SECURITY ANALYTICS FRAMEWORK: A NONHOMOGENOUS MARKOV MODEL F...PREDICTIVE CYBER SECURITY ANALYTICS FRAMEWORK: A NONHOMOGENOUS MARKOV MODEL F...
PREDICTIVE CYBER SECURITY ANALYTICS FRAMEWORK: A NONHOMOGENOUS MARKOV MODEL F...cscpconf
 
Essay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docxEssay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docxjenkinsmandie
 
INFORMATION AND COMMUNICATION SECURITY MECHANISMS FOR MICROSERVICES-BASED SYS...
INFORMATION AND COMMUNICATION SECURITY MECHANISMS FOR MICROSERVICES-BASED SYS...INFORMATION AND COMMUNICATION SECURITY MECHANISMS FOR MICROSERVICES-BASED SYS...
INFORMATION AND COMMUNICATION SECURITY MECHANISMS FOR MICROSERVICES-BASED SYS...IJNSA Journal
 
Network Threat Characterization in Multiple Intrusion Perspectives using Data...
Network Threat Characterization in Multiple Intrusion Perspectives using Data...Network Threat Characterization in Multiple Intrusion Perspectives using Data...
Network Threat Characterization in Multiple Intrusion Perspectives using Data...IJNSA Journal
 
information security management
information security managementinformation security management
information security managementGurpreetkaur838
 
A Proposed Model for Datacenter in -Depth Defense to Enhance Continual Security
A Proposed Model for Datacenter in -Depth Defense to Enhance Continual SecurityA Proposed Model for Datacenter in -Depth Defense to Enhance Continual Security
A Proposed Model for Datacenter in -Depth Defense to Enhance Continual SecurityHossam Al-Ansary
 

Recommended

A predictive framework for cyber security analytics using attack graphs
A predictive framework for cyber security analytics using attack graphsA predictive framework for cyber security analytics using attack graphs
A predictive framework for cyber security analytics using attack graphsIJCNCJournal
 
Predictive cyber security
Predictive cyber securityPredictive cyber security
Predictive cyber securitycsandit
 
PREDICTIVE CYBER SECURITY ANALYTICS FRAMEWORK: A NONHOMOGENOUS MARKOV MODEL F...
PREDICTIVE CYBER SECURITY ANALYTICS FRAMEWORK: A NONHOMOGENOUS MARKOV MODEL F...PREDICTIVE CYBER SECURITY ANALYTICS FRAMEWORK: A NONHOMOGENOUS MARKOV MODEL F...
PREDICTIVE CYBER SECURITY ANALYTICS FRAMEWORK: A NONHOMOGENOUS MARKOV MODEL F...cscpconf
 
Essay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docxEssay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docxjenkinsmandie
 
INFORMATION AND COMMUNICATION SECURITY MECHANISMS FOR MICROSERVICES-BASED SYS...
INFORMATION AND COMMUNICATION SECURITY MECHANISMS FOR MICROSERVICES-BASED SYS...INFORMATION AND COMMUNICATION SECURITY MECHANISMS FOR MICROSERVICES-BASED SYS...
INFORMATION AND COMMUNICATION SECURITY MECHANISMS FOR MICROSERVICES-BASED SYS...IJNSA Journal
 
Network Threat Characterization in Multiple Intrusion Perspectives using Data...
Network Threat Characterization in Multiple Intrusion Perspectives using Data...Network Threat Characterization in Multiple Intrusion Perspectives using Data...
Network Threat Characterization in Multiple Intrusion Perspectives using Data...IJNSA Journal
 
information security management
information security managementinformation security management
information security managementGurpreetkaur838
 
A Proposed Model for Datacenter in -Depth Defense to Enhance Continual Security
A Proposed Model for Datacenter in -Depth Defense to Enhance Continual SecurityA Proposed Model for Datacenter in -Depth Defense to Enhance Continual Security
A Proposed Model for Datacenter in -Depth Defense to Enhance Continual SecurityHossam Al-Ansary
 
future internetArticleERMOCTAVE A Risk Management Fra.docx
future internetArticleERMOCTAVE A Risk Management Fra.docxfuture internetArticleERMOCTAVE A Risk Management Fra.docx
future internetArticleERMOCTAVE A Risk Management Fra.docxgilbertkpeters11344
 
future internetArticleERMOCTAVE A Risk Management Fra
future internetArticleERMOCTAVE A Risk Management Frafuture internetArticleERMOCTAVE A Risk Management Fra
future internetArticleERMOCTAVE A Risk Management FraDustiBuckner14
 
Future internet articleermoctave a risk management fra
Future internet articleermoctave a risk management fraFuture internet articleermoctave a risk management fra
Future internet articleermoctave a risk management fraarnit1
 
AI model security.pdf
AI model security.pdfAI model security.pdf
AI model security.pdfStephenAmell4
 
Ijcatr04061002
Ijcatr04061002Ijcatr04061002
Ijcatr04061002Editor IJCATR
 
Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Kinetic Potential
 
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docx
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docxSheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docx
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docxedgar6wallace88877
 
Week 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadWeek 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadVinoth Sn
 
Incident Response
Incident ResponseIncident Response
Incident ResponseMichaelRodriguesdosS1
 
E1804012536
E1804012536E1804012536
E1804012536IOSR Journals
 
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfUNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfVishwanathMahalle
 
A Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing SecurityA Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing SecurityAssociate Professor in VSB Coimbatore
 
A security decision reaction architecture for heterogeneous distributed network
A security decision reaction architecture for heterogeneous distributed networkA security decision reaction architecture for heterogeneous distributed network
A security decision reaction architecture for heterogeneous distributed networkLuxembourg Institute of Science and Technology
 
A security decision reaction architecture for heterogeneous distributed network
A security decision reaction architecture for heterogeneous distributed networkA security decision reaction architecture for heterogeneous distributed network
A security decision reaction architecture for heterogeneous distributed networkchristophefeltus
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniqueseSAT Journals
 
A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...
A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...
A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...IJNSA Journal
 
Mapping Security Information and Event Management (SIEM) Rules to Tactics and...
Mapping Security Information and Event Management (SIEM) Rules to Tactics and...Mapping Security Information and Event Management (SIEM) Rules to Tactics and...
Mapping Security Information and Event Management (SIEM) Rules to Tactics and...AntonioProcentese1
 
Exploration Draft Document- CEM Machine Learning & AI Project 2018
Exploration Draft Document- CEM Machine Learning & AI Project 2018Exploration Draft Document- CEM Machine Learning & AI Project 2018
Exploration Draft Document- CEM Machine Learning & AI Project 2018Leslie McFarlin
 
Software security risk mitigation using object oriented design patterns
Software security risk mitigation using object oriented design patternsSoftware security risk mitigation using object oriented design patterns
Software security risk mitigation using object oriented design patternseSAT Journals
 
Software security risk mitigation using object
Software security risk mitigation using objectSoftware security risk mitigation using object
Software security risk mitigation using objecteSAT Publishing House
 
Issues Identify at least seven issues you see in the case1..docx
Issues Identify at least seven issues you see in the case1..docxIssues Identify at least seven issues you see in the case1..docx
Issues Identify at least seven issues you see in the case1..docxbagotjesusa
 
Issues and disagreements between management and employees lead.docx
Issues and disagreements between management and employees lead.docxIssues and disagreements between management and employees lead.docx
Issues and disagreements between management and employees lead.docxbagotjesusa
 

More Related Content

Similar to ISSA Journal September 2008Article Title Article Author.docx

future internetArticleERMOCTAVE A Risk Management Fra.docx
future internetArticleERMOCTAVE A Risk Management Fra.docxfuture internetArticleERMOCTAVE A Risk Management Fra.docx
future internetArticleERMOCTAVE A Risk Management Fra.docxgilbertkpeters11344
 
future internetArticleERMOCTAVE A Risk Management Fra
future internetArticleERMOCTAVE A Risk Management Frafuture internetArticleERMOCTAVE A Risk Management Fra
future internetArticleERMOCTAVE A Risk Management FraDustiBuckner14
 
Future internet articleermoctave a risk management fra
Future internet articleermoctave a risk management fraFuture internet articleermoctave a risk management fra
Future internet articleermoctave a risk management fraarnit1
 
AI model security.pdf
AI model security.pdfAI model security.pdf
AI model security.pdfStephenAmell4
 
Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Kinetic Potential
 
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docx
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docxSheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docx
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docxedgar6wallace88877
 
Week 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadWeek 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadVinoth Sn
 
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfUNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfVishwanathMahalle
 
A Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing SecurityA Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing SecurityAssociate Professor in VSB Coimbatore
 
A security decision reaction architecture for heterogeneous distributed network
A security decision reaction architecture for heterogeneous distributed networkA security decision reaction architecture for heterogeneous distributed network
A security decision reaction architecture for heterogeneous distributed networkchristophefeltus
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniqueseSAT Journals
 
A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...
A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...
A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...IJNSA Journal
 
Mapping Security Information and Event Management (SIEM) Rules to Tactics and...
Mapping Security Information and Event Management (SIEM) Rules to Tactics and...Mapping Security Information and Event Management (SIEM) Rules to Tactics and...
Mapping Security Information and Event Management (SIEM) Rules to Tactics and...AntonioProcentese1
 
Exploration Draft Document- CEM Machine Learning & AI Project 2018
Exploration Draft Document- CEM Machine Learning & AI Project 2018Exploration Draft Document- CEM Machine Learning & AI Project 2018
Exploration Draft Document- CEM Machine Learning & AI Project 2018Leslie McFarlin
 
Software security risk mitigation using object oriented design patterns
Software security risk mitigation using object oriented design patternsSoftware security risk mitigation using object oriented design patterns
Software security risk mitigation using object oriented design patternseSAT Journals
 
Software security risk mitigation using object
Software security risk mitigation using objectSoftware security risk mitigation using object
Software security risk mitigation using objecteSAT Publishing House
 

Similar to ISSA Journal September 2008Article Title Article Author.docx (20)

future internetArticleERMOCTAVE A Risk Management Fra.docx
future internetArticleERMOCTAVE A Risk Management Fra.docxfuture internetArticleERMOCTAVE A Risk Management Fra.docx
future internetArticleERMOCTAVE A Risk Management Fra.docx
 
future internetArticleERMOCTAVE A Risk Management Fra
future internetArticleERMOCTAVE A Risk Management Frafuture internetArticleERMOCTAVE A Risk Management Fra
future internetArticleERMOCTAVE A Risk Management Fra
 
Future internet articleermoctave a risk management fra
Future internet articleermoctave a risk management fraFuture internet articleermoctave a risk management fra
Future internet articleermoctave a risk management fra
 
AI model security.pdf
AI model security.pdfAI model security.pdf
AI model security.pdf
 
Ijcatr04061002
Ijcatr04061002Ijcatr04061002
Ijcatr04061002
 
Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813
 
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docx
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docxSheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docx
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docx
 
Week 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadWeek 1&2 intro_ v2-upload
Week 1&2 intro_ v2-upload
 
Incident Response
Incident ResponseIncident Response
Incident Response
 
E1804012536
E1804012536E1804012536
E1804012536
 
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdfUNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
UNIT- I & II_ 3R-Cryptography-Lectures_2021-22_VSM.pdf
 
A Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing SecurityA Brief Survey on Various Technologies Involved in Cloud Computing Security
A Brief Survey on Various Technologies Involved in Cloud Computing Security
 
A security decision reaction architecture for heterogeneous distributed network
A security decision reaction architecture for heterogeneous distributed networkA security decision reaction architecture for heterogeneous distributed network
A security decision reaction architecture for heterogeneous distributed network
 
A security decision reaction architecture for heterogeneous distributed network
A security decision reaction architecture for heterogeneous distributed networkA security decision reaction architecture for heterogeneous distributed network
A security decision reaction architecture for heterogeneous distributed network
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniques
 
A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...
A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...
A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR...
 
Mapping Security Information and Event Management (SIEM) Rules to Tactics and...
Mapping Security Information and Event Management (SIEM) Rules to Tactics and...Mapping Security Information and Event Management (SIEM) Rules to Tactics and...
Mapping Security Information and Event Management (SIEM) Rules to Tactics and...
 
Exploration Draft Document- CEM Machine Learning & AI Project 2018
Exploration Draft Document- CEM Machine Learning & AI Project 2018Exploration Draft Document- CEM Machine Learning & AI Project 2018
Exploration Draft Document- CEM Machine Learning & AI Project 2018
 
Software security risk mitigation using object oriented design patterns
Software security risk mitigation using object oriented design patternsSoftware security risk mitigation using object oriented design patterns
Software security risk mitigation using object oriented design patterns
 
Software security risk mitigation using object
Software security risk mitigation using objectSoftware security risk mitigation using object
Software security risk mitigation using object
 

More from bagotjesusa

Issues Identify at least seven issues you see in the case1..docx
Issues Identify at least seven issues you see in the case1..docxIssues Identify at least seven issues you see in the case1..docx
Issues Identify at least seven issues you see in the case1..docxbagotjesusa
 
Issues and disagreements between management and employees lead.docx
Issues and disagreements between management and employees lead.docxIssues and disagreements between management and employees lead.docx
Issues and disagreements between management and employees lead.docxbagotjesusa
 
ISSN1369 7021 © Elsevier Ltd 2010DECEMBER 2010 VOLUME 13 .docx
ISSN1369 7021 © Elsevier Ltd 2010DECEMBER 2010 VOLUME 13 .docxISSN1369 7021 © Elsevier Ltd 2010DECEMBER 2010 VOLUME 13 .docx
ISSN1369 7021 © Elsevier Ltd 2010DECEMBER 2010 VOLUME 13 .docxbagotjesusa
 
ISOL 536Security Architecture and DesignThreat Modeling.docx
ISOL 536Security Architecture and DesignThreat Modeling.docxISOL 536Security Architecture and DesignThreat Modeling.docx
ISOL 536Security Architecture and DesignThreat Modeling.docxbagotjesusa
 
ISOL 533 Project Part 1OverviewWrite paper in sections.docx
ISOL 533 Project Part 1OverviewWrite paper in sections.docxISOL 533 Project Part 1OverviewWrite paper in sections.docx
ISOL 533 Project Part 1OverviewWrite paper in sections.docxbagotjesusa
 
Is the United States of America a democracyDetailed Outline.docx
Is the United States of America a democracyDetailed Outline.docxIs the United States of America a democracyDetailed Outline.docx
Is the United States of America a democracyDetailed Outline.docxbagotjesusa
 
Islamic Profession of Faith (There is no God but God and Muhammad is.docx
Islamic Profession of Faith (There is no God but God and Muhammad is.docxIslamic Profession of Faith (There is no God but God and Muhammad is.docx
Islamic Profession of Faith (There is no God but God and Muhammad is.docxbagotjesusa
 
IS-365 Writing Rubric Last updated January 15, 2018 .docx
IS-365 Writing Rubric Last updated January 15, 2018 .docxIS-365 Writing Rubric Last updated January 15, 2018 .docx
IS-365 Writing Rubric Last updated January 15, 2018 .docxbagotjesusa
 
ISAS 600 – Database Project Phase III RubricAs the final ste.docx
ISAS 600 – Database Project Phase III RubricAs the final ste.docxISAS 600 – Database Project Phase III RubricAs the final ste.docx
ISAS 600 – Database Project Phase III RubricAs the final ste.docxbagotjesusa
 
Is teenage pregnancy a social problem How does this topic reflect.docx
Is teenage pregnancy a social problem How does this topic reflect.docxIs teenage pregnancy a social problem How does this topic reflect.docx
Is teenage pregnancy a social problem How does this topic reflect.docxbagotjesusa
 
Is Texas so conservative- (at least for the time being)- as many pun.docx
Is Texas so conservative- (at least for the time being)- as many pun.docxIs Texas so conservative- (at least for the time being)- as many pun.docx
Is Texas so conservative- (at least for the time being)- as many pun.docxbagotjesusa
 
Irreplaceable Personal Objects and Cultural IdentityThink of .docx
Irreplaceable Personal Objects and Cultural IdentityThink of .docxIrreplaceable Personal Objects and Cultural IdentityThink of .docx
Irreplaceable Personal Objects and Cultural IdentityThink of .docxbagotjesusa
 
IRB is an important step in research. State the required components .docx
IRB is an important step in research. State the required components .docxIRB is an important step in research. State the required components .docx
IRB is an important step in research. State the required components .docxbagotjesusa
 
irem.orgjpm jpm® 47AND REWARDRISK .docx
irem.orgjpm jpm® 47AND REWARDRISK .docxirem.orgjpm jpm® 47AND REWARDRISK .docx
irem.orgjpm jpm® 47AND REWARDRISK .docxbagotjesusa
 
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docxIoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docxbagotjesusa
 
In two paragraphs, respond to the prompt below. Journal entries .docx
In two paragraphs, respond to the prompt below. Journal entries .docxIn two paragraphs, respond to the prompt below. Journal entries .docx
In two paragraphs, respond to the prompt below. Journal entries .docxbagotjesusa
 
Investigative Statement AnalysisInitial statement given by Ted K.docx
Investigative Statement AnalysisInitial statement given by Ted K.docxInvestigative Statement AnalysisInitial statement given by Ted K.docx
Investigative Statement AnalysisInitial statement given by Ted K.docxbagotjesusa
 
Investigating Happiness at College SNAPSHOT T.docx
Investigating Happiness at College SNAPSHOT T.docxInvestigating Happiness at College SNAPSHOT T.docx
Investigating Happiness at College SNAPSHOT T.docxbagotjesusa
 
Investigate Development Case Death with Dignity Physician-Assiste.docx
Investigate Development Case Death with Dignity Physician-Assiste.docxInvestigate Development Case Death with Dignity Physician-Assiste.docx
Investigate Development Case Death with Dignity Physician-Assiste.docxbagotjesusa
 
Inventory and Production Management in Supply Chains.docx
Inventory and Production Management in Supply Chains.docxInventory and Production Management in Supply Chains.docx
Inventory and Production Management in Supply Chains.docxbagotjesusa
 

More from bagotjesusa (20)

Issues Identify at least seven issues you see in the case1..docx
Issues Identify at least seven issues you see in the case1..docxIssues Identify at least seven issues you see in the case1..docx
Issues Identify at least seven issues you see in the case1..docx
 
Issues and disagreements between management and employees lead.docx
Issues and disagreements between management and employees lead.docxIssues and disagreements between management and employees lead.docx
Issues and disagreements between management and employees lead.docx
 
ISSN1369 7021 © Elsevier Ltd 2010DECEMBER 2010 VOLUME 13 .docx
ISSN1369 7021 © Elsevier Ltd 2010DECEMBER 2010 VOLUME 13 .docxISSN1369 7021 © Elsevier Ltd 2010DECEMBER 2010 VOLUME 13 .docx
ISSN1369 7021 © Elsevier Ltd 2010DECEMBER 2010 VOLUME 13 .docx
 
ISOL 536Security Architecture and DesignThreat Modeling.docx
ISOL 536Security Architecture and DesignThreat Modeling.docxISOL 536Security Architecture and DesignThreat Modeling.docx
ISOL 536Security Architecture and DesignThreat Modeling.docx
 
ISOL 533 Project Part 1OverviewWrite paper in sections.docx
ISOL 533 Project Part 1OverviewWrite paper in sections.docxISOL 533 Project Part 1OverviewWrite paper in sections.docx
ISOL 533 Project Part 1OverviewWrite paper in sections.docx
 
Is the United States of America a democracyDetailed Outline.docx
Is the United States of America a democracyDetailed Outline.docxIs the United States of America a democracyDetailed Outline.docx
Is the United States of America a democracyDetailed Outline.docx
 
Islamic Profession of Faith (There is no God but God and Muhammad is.docx
Islamic Profession of Faith (There is no God but God and Muhammad is.docxIslamic Profession of Faith (There is no God but God and Muhammad is.docx
Islamic Profession of Faith (There is no God but God and Muhammad is.docx
 
IS-365 Writing Rubric Last updated January 15, 2018 .docx
IS-365 Writing Rubric Last updated January 15, 2018 .docxIS-365 Writing Rubric Last updated January 15, 2018 .docx
IS-365 Writing Rubric Last updated January 15, 2018 .docx
 
ISAS 600 – Database Project Phase III RubricAs the final ste.docx
ISAS 600 – Database Project Phase III RubricAs the final ste.docxISAS 600 – Database Project Phase III RubricAs the final ste.docx
ISAS 600 – Database Project Phase III RubricAs the final ste.docx
 
Is teenage pregnancy a social problem How does this topic reflect.docx
Is teenage pregnancy a social problem How does this topic reflect.docxIs teenage pregnancy a social problem How does this topic reflect.docx
Is teenage pregnancy a social problem How does this topic reflect.docx
 
Is Texas so conservative- (at least for the time being)- as many pun.docx
Is Texas so conservative- (at least for the time being)- as many pun.docxIs Texas so conservative- (at least for the time being)- as many pun.docx
Is Texas so conservative- (at least for the time being)- as many pun.docx
 
Irreplaceable Personal Objects and Cultural IdentityThink of .docx
Irreplaceable Personal Objects and Cultural IdentityThink of .docxIrreplaceable Personal Objects and Cultural IdentityThink of .docx
Irreplaceable Personal Objects and Cultural IdentityThink of .docx
 
IRB is an important step in research. State the required components .docx
IRB is an important step in research. State the required components .docxIRB is an important step in research. State the required components .docx
IRB is an important step in research. State the required components .docx
 
irem.orgjpm jpm® 47AND REWARDRISK .docx
irem.orgjpm jpm® 47AND REWARDRISK .docxirem.orgjpm jpm® 47AND REWARDRISK .docx
irem.orgjpm jpm® 47AND REWARDRISK .docx
 
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docxIoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
 
In two paragraphs, respond to the prompt below. Journal entries .docx
In two paragraphs, respond to the prompt below. Journal entries .docxIn two paragraphs, respond to the prompt below. Journal entries .docx
In two paragraphs, respond to the prompt below. Journal entries .docx
 
Investigative Statement AnalysisInitial statement given by Ted K.docx
Investigative Statement AnalysisInitial statement given by Ted K.docxInvestigative Statement AnalysisInitial statement given by Ted K.docx
Investigative Statement AnalysisInitial statement given by Ted K.docx
 
Investigating Happiness at College SNAPSHOT T.docx
Investigating Happiness at College SNAPSHOT T.docxInvestigating Happiness at College SNAPSHOT T.docx
Investigating Happiness at College SNAPSHOT T.docx
 
Investigate Development Case Death with Dignity Physician-Assiste.docx
Investigate Development Case Death with Dignity Physician-Assiste.docxInvestigate Development Case Death with Dignity Physician-Assiste.docx
Investigate Development Case Death with Dignity Physician-Assiste.docx
 
Inventory and Production Management in Supply Chains.docx
Inventory and Production Management in Supply Chains.docxInventory and Production Management in Supply Chains.docx
Inventory and Production Management in Supply Chains.docx
 

Recently uploaded

Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 

Recently uploaded (20)

Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 

ISSA Journal September 2008Article Title Article Author.docx

  • 1. ISSA Journal | September 2008Article Title | Article Author 1�1� ISSA The Global Voice of Information Security Extending the McCumber Cube to Model Network Defense By Sean M. Price – ISSA member Northern Virginia, USA chapter This article proposes an extension to the McCumber Cube information security model to determine the best countermeasures to achieve a desired security goal. Confidentiality, integrity, and availability are the se-curity services of a system. In other words they are the security goals of system defense, intangible at- tributes� providing assurances for the information protected. Each service is realized when the appropriate countermea- sures for a given information state are in place. But, it is not enough to select countermeasures ad hoc. Countermeasures should be selected to defend a system and its information against specific types of attacks. When attacks against partic- ular information states are considered, the necessary coun- termeasures can be selected to achieve the desired security service or goal. This article proposes an extension to the Mc- Cumber Cube information security model as a way for the security practitioner to consider the best countermeasures to achieve the desired security goal.
  • 2. Security models Models are useful tools to help understand complex topics. A well-developed model can often be represented graphically, allowing a deeper understanding of the relationships of the components that make the whole. A formal security model is broadly applicable and rigorously developed using formal methods.2 In contrast, an informal model is considered lack- ing one or both of these qualities. There are a variety of in- formal models in the information security world which are regularly used by security practitioners to understand basic information and concepts. � Security goals often lack explicit definitions and are difficult to quantify. They are usually based on policies with broad interpretations and tend to be qualitative. It is true that security goals emerge from the confluence of information states and coun- termeasures which have measurable attributes. But, the subjective nature of security goals combined with informal modeling characterizes their attributes as intangible. 2 P. T. Devanbu and S. Stubblebine, “Software Engineering for Security: A Roadmap,” Proceedings of the Conference on The Future of Software Engineering (2000), 227-239. One such informal model is the generally accepted risk as- sessment framework. This model is used to assess risk by estimating asset values, vulnerabilities, threats with their likelihood of exploiting a vulnerability, and losses. Figure � illustrates this model. Note that this commonly used model requires a substantial amount of estimating on the part of
  • 3. the risk assessment participants. This is problematic when reliable estimates cannot be obtained. Another problem with this model is that it does not guide the participants on how best to secure risky aspects of the system. By extending the McCumber Cube, another informal security model, this ar- ticle will discuss one way to reduce reliance on inexact esti- mates and improve risk by focusing the assessment on attacks while deriving explicit countermeasures. McCumber Cube model John McCumber developed the McCumber Cube as a way to model risk management.3 This model provides the security practitioner with a means to graphically evaluate and man- age risk for a system (see Figure 2). Viewing the cube from different angles provides a security practitioner with a way to consider risk from different per- spectives. The three primary aspects of the cube involve: 3 J. McCumber, Assessing and Managing Security Risk in IT Systems: A Structured Meth- odology (Boca Raton, FL: Auerbach, 2004). Information States Security Goals Co un ter me as ur
  • 6. Risk+ + X = Figure 2 – McCumber Cube Figure 1 – Risk Assessment Model ISSA Journal | September 2008 1� Information states – These represent the various forms in which information can be found within a system. Informa- tion is the fundamental aspect of what it is that must be pro- tected. Processing – Information held in volatile memory or currently manipulated through the processor Storage – This generally refers to non-volatile storage such as files on hard drives or backup media Transmission – Information transiting network me- dia Countermeasures – These are elements which can be used to defend a system from attack, which can be used to protect information in its various states. People – All individuals associated with a system to include administrators and users Policies and practices – Documented policies and pro- cedures used to guide people interacting with the
  • 7. system; work flows, separation of duties, and least privilege Technology – Hardware and software which comprise the system such as operating systems, applications, networking devices, and security tools Security services – These are the ultimate security goals of a system. They are not concrete but intangible. Confidentiality – Protecting information from an un- authorized or unintended disclosure Integrity – A quality which prevents the unauthorized alteration or destruction of information Availability – The ability to retrieve requisite infor- mation in a timely manner for an authorized user The McCumber Cube can be used by selecting a desired se- curity service and considering what countermeasures must be implemented to protect the affected information states. For example, suppose we need to defend a network against all compromises to information confidentiality. An approach would be to begin enumerating all the different types of con- trols which could be used to protect information confidenti- ality for each of the information states. Some of these items would include: Encryption – Protects information at rest or in tran- sit Antivirus – Identifies malicious code which might steal and retransmit information Periodic port scanning – Identifies unauthorized or
  • 8. suspicious ports within the system Identification and authentication – Used to support access control and accountability for information ac- cessed Vulnerability scanning – Identifying exploitable weaknesses in the system • • • • • • • • • • • • • •
  • 9. Incident response – Procedures used to respond to confidentiality breaches Configuration management – Ensuing appropriate access controls are implemented to protect informa- tion from unauthorized access System documentation – Identifies all countermea- sures in place to protect information confidentiality within the network Awareness training – Informing users of their re- sponsibilities to protect information from exposure as well as escalation of suspected or actual informa- tion exposures Extending the McCumber Cube Managing from such an abstract list is daunting at best. Even when the list is subdivided according to the countermeasures it can still be difficult to decide if all of the necessary counter- measures are in place. Achieving a more granular approach requires a minimization of the view from all three informa- tion states to each individually. This reduction allows the se- curity practitioner to focus on the risk implications associ- ated with the implementation of countermeasures for a given information state and a particular security service. One way to consider the appropriateness and completeness of a countermeasure is to match it with attacks which might be used against the system. In this way, a risk-based decision can be made regarding each possible attack and the types of countermeasures which might best be used as a basis for de- fense. A graphical representation of this concept is given in Figure 3. Here we see that an individual attack for a particu- lar information state is combined with the appropriate coun-
  • 10. termeasures. When these three items are properly merged the applicable security concept is implied. Although this concept reduces the total view of the McCum- ber Cube, it simultaneously extends its functional aspects. Extensions of the McCumber Cube are not new. The Infor- mation Assurance Model extends the McCumber Cube by adding the security services of authentication and non-repu- diation.4 It also adds the dimension of time as a consideration for risk-based activities for information assurance. Security practitioners are encouraged to seek new ways to view exist- ing paradigms. Reducing the scope of the view of the McCumber Cube can enhance risk-based decisions for the countermeasures need- ed to protect against specific attacks. The elements in Figure 3 are defined as follows: 4 W. V. Maconachy, C. D. Schou, D. Ragsdale, and D. Welch, “A Model for Information Assurance: An Integrated Approach,” Proceedings of the IEEE Workshop on Information Assurance and Security (200�), 30�-3�0. • • • • Extending the McCumber Cube to Model Network Defense | Sean M. Price Counter-
  • 11. measures Security Goal Information StateAttack + + Figure � – Proposed Extension to McCumber Cube ISSA Journal | September 2008 1� Extending the McCumber Cube to Model Network Defense | Sean M. Price Attacks – A particular technique ex- ploiting a system weakness Information states – What it is that needs to be protected Countermeasures – Those things which can be implemented to defend the network – it is important to note that a weakness presented in one of the associated countermeasures could reduce the ability to achieve the stated security goal Security services – The goal achieved when attacks to a given information state are mitigated with the iden- tified countermeasures
  • 12. The model created by McCumber does not require the use of three types of countermeasures. This provides the model user with flexibility. However, this is not an advisable prac- tice. Ideally, a system is designed with appropriate defense- in-depth to enable a security service to continue when a par- ticular countermeasure fails. The extension proposed in this article requires the security practitioner to identify controls for each of the countermeasure classes of people, policies and practices, as well as technology. Model extension use scenarios The following scenarios consider a strategy which enables each of the three security services. Each focuses on the trans- mission information state regarding network defense. Given a particular attack, potential countermeasures are selected which supports the implication that the security service is in effect. A security practitioner could easily compile this in- formation into a table as a form of reference for a given sys- tem. Each scenario is accompanied by a table to illustrate this point. Confidentiality on the network Sensitive information commonly transits many networks. Multitudes of threat agents actively seek to capture sensitive information. Preventing the unauthorized or unintentional exposure of sensitive information is an important part of the security program of many organizations. Figure 4 illustrates Sniffers as a type of attack tool which could be mitigated with select countermeasures. Attack: Sniffers used to record network traffic.5 Countermeasures: Technology – Encryption is used to protect informa- tion from an unintended exposure. This may involve
  • 13. 5 Z. Trabelsi and H. Rahmani, “Detection of sniffers in an Ethernet network,” Lecture Notes in Computer Science, 3225 (2004), �70-�82. • • • • • encryption between network nodes or other imple- mentation such as those which are file-based to en- able protection. Policies and practices – Cryptographic key manage- ment is necessary to ensure only those authorized ac- cess to the information are allowed to decrypt it. People – Users should be trained on what information should be transmitted through encrypted channels and how it should be accomplished. Clearly, encryption is an excellent choice to use when protect- ing the confidentiality of information transmitted through a network. However, encryption is of little use if keys are not properly managed and people are not aware of its appropriate use. Table � lists the elements of Figure 4. Integrity for network information Information traversing a network might be modified in tran- sit. Encryption provides an excellent means to detect modi-
  • 14. fication to the information. However, encryption is not the best control to use in every circumstance. In this scenario an attacker uses ARP spoofing to redirect traffic. This allows an attacker the ability to redirect traffic to a particular network node where data packets could be manipulated. Figure 5 il- lustrates the aspects of this scenario. Attack: ARP spoofing is a known method facilitating net- work traffic redirection.6 Countermeasures: Technology – Scanning tools configured to look for peculiar ports and unauthorized duplicate MAC ad- dresses is essential. Tools which conduct reverse ARP evaluations are the best to use. Policies and practices – The scanning should be con- ducted periodically. Automated scans are best. How- ever, the results of any scan will need to be regularly evaluated. People – Administrators and security personnel should be trained on the use of the tools and tech- niques necessary to investigate suspicious activity. 6 S. J. Templeton and K. E. Levitt, “Detecting Spoofed Packets,” Proceedings of the DAR- PA Information Survivability Conference and Exposition, 1 (2003), �64-�75. • • •
  • 15. • • Attack Vector Information State Countermeasures Security Goal Technology ___________________ Policy ________________________ People _______________________ _______________ _______________ _______________ Encryption Key Management Training Sniffer Transmission Confidentiality Port Scanning Periodic Scans Investigators IntegrityTransmissionARP Spoofing + + Encryption Key Mgmt. Training ConfidentialityTransmissionSniffer + + Figure 4 – Confidentiality Model Extension
  • 16. Table 1 – Sniffer against Transmission Figure � – Integrity Model Extension ISSA Journal | September 2008 1� Attacks against network integrity, such as those using ARP spoofing, are interesting problems which might seem unlike- ly to occur. However, consider the possibilities of attacks such as pharming against network information integrity.7 Unau- thorized changes to dynamic naming servers (DNS), hosts files, and networking device configurations are similar in af- fect to ARP spoofing. Each of these could be used to redirect traffic to locations where the information could be tampered with or removed entirely form the system. Although the outcome is likely to be the same, different countermeasures would need to be considered for each aforementioned case since the target methodology is different. Table 2 shows the aspects of Figure 5. Network availability The inability to access information resources reduces the usefulness of a system. In some situations a lack of availability can directly affect the viability of an organization. At- tacks which prevent users from accessing information resources in a timely manner are a continuing problem. Defending against a denial of service (DOS) attack is not always simple. Detection of these types of attacks is an important capability needed to preserve the availability of many information systems. Figure 6 presents one approach
  • 17. which can be used to counteract DOS attacks. Attack: DOS prevents timely access to information or sys- tems. Countermeasures: Technology – Intrusion detection can be used to iden- tify events indicative of a DOS attack. Policies and practices – Processes and procedures should be documented and regularly followed to identify DOS activity. People – Individuals need to be trained to effectively use intrusion detection tools and interpret their out- put. Incident response skills will also be needed to re- spond to actual DOS events. Those assigned tasks to 7 A. Emigh, “Phising Attacks: Information Flow and Chokepoints,” in M. Jakobsson and S. Myers (eds.), Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft, pp. 3�-63 (Hoboken, NJ: John Wiley and Sons, 2007). • • • identify and respond to DOS activity should periodically practice incident response ac- tivities.
  • 18. In the information security realm detection must always be used when prevention can- not. But, is it necessary to also detect when preventative measures are implemented? The answer is a re- sounding, yes! Due to the possibility that a countermeasure might be bypassed or fail, detection must always continue. The most likely source of a DOS will come from outside of an organization. Firewalls are tools which are an acceptable countermeasure against a DOS attack.8 However, these tools are of little use when the attack originates from inside a pro- tected enclave. The pervasiveness of Trojan horses and bots allows attackers to launch any assault they desire.9 As such, internal monitoring for a DOS will still be needed. Although detection must be used when prevention cannot, it should also be implemented when prevention is in place because it is unlikely that the preventative controls will be absolute. No tool or solution is a silver bullet which solves all associated security problems. Table 3 lists the considerations of the at- tack and the countermeasures selected for the information state and security goal. These scenarios demonstrate a means to designate poten- tial countermeasures for a given attack. The examples listed should not be interpreted to be fully inclusive. A complete solution requires a careful evaluation of the environment which may reveal multiple areas which need countermea- sures. Minimally, at least one countermeasure for technol- ogy, operations, and people should be implemented as a way to achieve defense-in-depth.�0 Extension used with risk assessments The primary purpose of this article is to discuss an exten- sion to the McCumber Cube which associates a specific attack with a selected information state and particular security ser-
  • 19. vice. This new model could also be used in a risk framework to ascertain the level of risk present for any given situation in a network environment. Figure 7 suggests that perceived threats coupled with their likelihood with this McCumber Cube extension could be used to evaluate system risk. 8 C. L. Schuba, I. V. Krusl, M. G. Kuhn, E. H. Spafford, A. Sundaram, and D. Zamboni, “Analysis of a Denial of Service Attack on TCP,” Proceedings of the 1997 IEEE Sympo- sium on Security and Privacy (�997), 208-223. 9 D. Geer, “Malicious Bots Threaten Network Security,” Computer, 38(�) (2005), �8-20. �0 “Defense in Depth: A practical strategy for achieving Information Assurance in to- day’s highly networked environments” (2008). Retrieved July �, 2008, from www.nsa. gov/snac/support/defenseindepth.pdf. Extending the McCumber Cube to Model Network Defense | Sean M. Price Attack Vector Information State Countermeasures Security Goal Technology ___________________ Policy ________________________ People _______________________ _______________ _______________ _______________ Port scanning
  • 20. Periodic scans Investigators ARP Spoofing Transmission Integrity Attack Vector Information State Countermeasures Security Goal Technology ___________________ Policy ________________________ People _______________________ _______________ _______________ _______________ Intrusion detection Monitoring Incident response Denial of Service Transmission Availability Intrusion Detect. Monitoring Incident Resp. AvailabilityTransmissionDenial of Service + + Table 2 – ARP Spoofing against Transmissions Figure � – Availability Model Extension
  • 21. Table � – Denial of Service against Transmissions ISSA Journal | September 2008 18 preferable. Often the estimates used in risk assessments have little research or quantitative results to support their asser- tions. The extension expressed in this article minimizes the estimates and focuses the risk assessment on explicit coun- termeasures for a specific threat. Conclusion Using models is one way to consider methods to defend a net- work. The McCumber Cube is a robust, yet informal, model which provides a security practitioner with a graphical means to understand and evaluate system risk. This article proposed an extension to the McCumber Cube which can be used to as- sociate security services, countermeasures, and information states with specific attacks. Using this type of model allows a more discrete identification of countermeasures needed to defend a network against specific types of attack. It can also be used as a new way to evaluate risk in a system. About the Author Sean M. Price, CISA, CISSP, is an inde- pendent security researcher and consultant living in northern Virginia. He specializes in designing and evaluating organizational information assurance programs and system security architec- tures. Research interests include insider threat, information flows, and applications of artificial intelligence to information assurance problems. Prior publications include the Informa-
  • 22. tion Security Management Handbook, Official (ISC)2 Guide to the CISSP CBK, IEEE Computer magazine, as well as other journals and conferences. You can reach him at [email protected] tinel-consulting.com. The proposed extension to the McCumber cube takes risk as- sessment from a different angle. Why not consider specific threats and the estimate of their likelihood and then identify countermeasures that should be in place to defend against them. A lack of existing countermeasures from a defense-in- depth perspective (which is a vulnerability) equates to more risk for the system. Risk assessments do not generally con- sider countermeasures in the equation. Perhaps this is an in- tuitive exercise on the part of the assessors, but existing mod- els in the literature seldom discuss it in detail. Popular risk assessment models often include too many estimates which devalues their worth. A model which is closer to a state of reality as opposed to something which relies on estimates is Extending the McCumber Cube to Model Network Defense | Sean M. Price Counter- measures Security Goal Information StateAttack + + Threat +
  • 23. Likelihood + Risk www.issa.org/Members/Webcasts.html for on demand webcasts: ISSA/ISACA Webinar-DNS Security: New Threats, Immediate Responses, Long Term Outlook Understanding Employee Behavioral Profiles to Stop Insider Threats Sponsored by: Raytheon Oakley Systems Roles-Based Access Governance: Best Practices for Practitioners Sponsored by: Aveksa www.aveska.com Key Steps to Securing Your Organization and Evicting a Hacker Sponsor: Foundstone Professional Services (a division of McAfee) www.ISSA.org/Resources.html — ISSA Member Resources Webcasts Figure � – Model Extension with Risk Assessment Popular risk assessment models often include too many estimates which devalues their worth.