Assessment of network security policy based on security capability

The validity of the security policy has important impacts on the safety performance of network information system. For purpose of verifying it effectively, an assessment model of network security policy based on security capability is proposed. The relationship of defense methods, application targets, and information security attribute characteristics is analyzed based on the establishing of security domain and security policy, and the network security capability of security policy is evaluated. Result shows that the model can effectively reflect the protect ability of security policy. It provides a new solution and reference for assessing and adjusting the network security policy, so as to better ensure system security.

[1]  Wen Hong,et al.  A Formal Commercial Secure Policy Model Based on Framework , 2005 .

[2]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[3]  Han Zhen,et al.  Security Protocol and Scheme for Inter-Realm Information Accessing , 2005 .

[4]  Wim Mees,et al.  Risk management in coalition networks , 2007, Third International Symposium on Information Assurance and Security.

[5]  Xu Bao,et al.  New Method of Discretization of Continuous Attributes Based on Rough Set , 2003 .

[6]  Shawn A. Butler Security attribute evaluation method: a cost-benefit approach , 2002, ICSE '02.

[7]  Kaiyu Wan,et al.  Security Contexts in Autonomic Systems , 2006, 2006 International Conference on Computational Intelligence and Security.

[8]  Chenghua Tang,et al.  A Network Security Policy Model and Its Realization Mechanism , 2006, Inscrypt.

[9]  Guo Zhizhong,et al.  Vulnerability Assessment of Cyber Security in Power Industry , 2006, 2006 IEEE PES Power Systems Conference and Exposition.

[10]  Qing Sihan,et al.  A Security Domain Separation Z Model Based on DTE Policy , 2007 .