论文信息 - A Critical Analysis of Vulnerability Taxonomies

A Critical Analysis of Vulnerability Taxonomies

Abstract : Computer vulnerabilities seem to be omnipresent. In every system fielded programming errors configuration errors and operation errors have allowed unauthorized users to enter systems or authorized users to take unauthorized actions. Efforts to eliminate the flaws have failed miserably; indeed sometimes attempts to patch a vulnerability have increased the danger. Further designers and implementers rarely learn from the mistakes of others in part because these security holes are so rarely documented in the open literature.

Matt Bishop | David Bailey | M. Bishop | D. Bailey

[1] R. P. Abbott,et al. Security Analysis and Enhancements of Computer Operating Systems , 1976 .

[2] Donn Seeley,et al. A Tour of the Worm , 1988 .

[3] Carl E. Landwehr,et al. A taxonomy of computer program security flaws , 1993, CSUR.

[4] Matt Bishop,et al. A Taxonomy of UNIX System and Network Vulnerabilities , 1997 .

[5] Peter G. Neumann,et al. Computer system - Security evaluation , 1899, AFIPS National Computer Conference.