This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Risk-based Systems Security Engineering: Stopping Attacks with Intention
November-December 2004 (vol. 2 no. 6)
pp. 59-62
Government and industry increasingly rely on modern information systems (IS) for mission successes. But their critical IS must survive in hostile environments; thus, mission owners need systems security engineers to build systems that are secure against real-world attacks but not over-engineered against a particular one. By understanding which attacks are most likely and which risks are most serious, mission owners can make cost-effective countermeasures decisions. We describe a systems security-engineering methodology for enumerating system attacks, assessing risks, and choosing countermeasures that best mitigate the risks.
Index Terms:
Mordor, security systems, attack intentions, profiles, threat assessment
Citation:
Shelby Evans, David Heinbuch, Elizabeth Kyule, John Piorkowski, James Wallner, "Risk-based Systems Security Engineering: Stopping Attacks with Intention," IEEE Security & Privacy, vol. 2, no. 6, pp. 59-62, Nov.-Dec. 2004, doi:10.1109/MSP.2004.109
Usage of this product signifies your acceptance of the Terms of Use.