Model Based Security Policy Assessment for e-Business Environment

Free registration required

Executive Summary

The key to profitability for e-business is ensuring data integrity, service availability, and user information confidentiality along the entire e-services chain. Both staffs and IT system components need to compare secure policy with performance in an e-business environment. Currently, most efforts set focus on e-business process analysis and value-chain analysis, little attention is put on the secure policy compliance assessment. This paper presents a model based security policy assessment approach that integrates fault tree analysis technology and top-down architecture driven system analysis method. The assessment process includes security attribute scenarios generation, e-business security model construction, fault tree based threat model construction, and security policy evaluation.

  • Format: PDF
  • Size: 148.6 KB