Summary: 0018-9162/00/$10.00 © 2000 IEEE52 Computer
Windows of
Vulnerability:
A Case Study
Analysis
C
omplex information and communication
systems give rise to design, implementation,
and management errors. These errors can
lead to a vulnerability--a flaw in an infor-
mation technology product that could allow
violations of security policy.
Anecdotal evidence alone suggests that known and
patchable vulnerabilities cause the majority of system
intrusions. Although no empirical study has substanti-
ated this anecdotal evidence, none has refuted it either.
Nor have studies conducted to determine the number
of computers at risk for security breaches focused on
the intrusion trends of specific vulnerabilities.1,2
Here we propose a life-cycle model that describes

Source: Arbaugh, William A. - Institute for Advanced Computer Studies & Department of Computer Science, University of Maryland at College Park

Collections: Computer Technologies and Information Sciences