Assessment of Network Security Policy Based on Security Capability

The validity of the security policy has important impacts on the safety performance of network information system. For purpose of verifying it effectively, an assessment model of network security policy based on security capability is proposed. The relationship of defense methods, application targets, and information security attribute characteristics is analyzed based on the establishing of security domain and security policy, and the network security capability of security policy is evaluated. Result shows that the model can effectively reflect the protect ability of security policy. It provides a new solution and reference for assessing and adjusting the network security policy, so as to better ensure system security.

[1]  Qing Sihan,et al.  A Security Domain Separation Z Model Based on DTE Policy , 2007 .

[2]  Wim Mees,et al.  Risk management in coalition networks , 2007, Third International Symposium on Information Assurance and Security.

[3]  Chenghua Tang,et al.  A Network Security Policy Model and Its Realization Mechanism , 2006, Inscrypt.

[4]  Kaiyu Wan,et al.  Security Contexts in Autonomic Systems , 2006, 2006 International Conference on Computational Intelligence and Security.

[5]  Guo Zhizhong,et al.  Vulnerability Assessment of Cyber Security in Power Industry , 2006, 2006 IEEE PES Power Systems Conference and Exposition.

[6]  Han Zhen,et al.  Security Protocol and Scheme for Inter-Realm Information Accessing , 2005 .

[7]  S.A. Butler,et al.  Security attribute evaluation method: a cost-benefit approach , 2002, Proceedings of the 24th International Conference on Software Engineering. ICSE 2002.

[8]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[9]  Wen Hong,et al.  A Formal Commercial Secure Policy Model Based on Framework , 2005 .

[10]  Xu Bao,et al.  New Method of Discretization of Continuous Attributes Based on Rough Set , 2003 .