Framework for generating expert systems to perform computer security risk analysis
At Los Alamos we are developing a framework to generate knowledge-based expert systems for performing automated risk analyses upon a subject system. The expert system is a computer program that models experts' knowledge about a topic, including facts, assumptions, insights, and decision rationale. The subject system, defined as the collection of information, procedures, devices, and real property upon which the risk analysis is to be performed, is a member of the class of systems that have three identifying characteristics: a set of desirable assets (or targets), a set of adversaries (or threats) desiring to obtain or to do harm to the assets, and a set of protective mechanisms to safeguard the assets from the adversaries. Risk analysis evaluates both vulnerability to and the impact of successful threats against the targets by determining the overall effectiveness of the subject system safeguards, identifying vulnerabilities in that set of safeguards, and determining cost-effective improvements to the safeguards. As a testbed, we evaluate the inherent vulnerabilities and risks in a system of computer security safeguards. The method considers safeguards protecting four generic targets (physical plant of the computer installation, its hardware, its software, and its documents and displays) against three generic threats (natural hazards, direct human actions requiring the presence of the adversary, and indirect human actions wherein the adversary is not on the premises-perhaps using such access tools as wiretaps, dialup lines, and so forth). Our automated procedure to assess the effectiveness of computer security safeguards differs from traditional risk analysis methods.
- Research Organization:
- Los Alamos National Laboratory (LANL), Los Alamos, NM (United States)
- DOE Contract Number:
- W-7405-ENG-36
- OSTI ID:
- 5659940
- Report Number(s):
- LA-UR-85-1933; CONF-850885-2; ON: DE85014134
- Resource Relation:
- Conference: 1. annual AFCEA symposium and exposition on physical and electronic security, Philadelphia, PA, USA, 19 Aug 1985; Other Information: Portions of this document are illegible in microfiche products
- Country of Publication:
- United States
- Language:
- English
Similar Records
Computer Security Risk Assessment
Autonomous System Inference, Trojan, and Adversarial Reprogramming Attack and Defense (Final)