The Community for Technology Leaders
Green Image
ABSTRACT
Government and industry increasingly rely on modern information systems (IS) for mission successes. But their critical IS must survive in hostile environments; thus, mission owners need systems security engineers to build systems that are secure against real-world attacks but not over-engineered against a particular one. By understanding which attacks are most likely and which risks are most serious, mission owners can make cost-effective countermeasures decisions. We describe a systems security-engineering methodology for enumerating system attacks, assessing risks, and choosing countermeasures that best mitigate the risks.
INDEX TERMS
Mordor, security systems, attack intentions, profiles, threat assessment
CITATION
John Piorkowski, Elizabeth Kyule, David Heinbuch, James Wallner, Shelby Evans, "Risk-based Systems Security Engineering: Stopping Attacks with Intention", IEEE Security & Privacy, vol. 2, no. , pp. 59-62, November-December 2004, doi:10.1109/MSP.2004.109
91 ms
(Ver )