AUTOMATED ASSESSMENT OF COMPLIANCE WITH SECURITY BEST PRACTICES

机译：对安全最佳实践的合规性自动评估

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Several standards and best practices have been proposed for critical infrastructure protection. However, the scale and complexity of critical infrastructure assets renders manual compliance checking difficult, if not impossible. This paper focuses on the automated assessment of security compliance of electrical power grid assets. A security model based on predicate calculus is used to express infrastructure elements (e.g., devices, services, protocols, access control implementations) as "facts" and security standards and best practices as "rules" that specify constraints on the facts. A tool chain is applied to automatically generate the security model from specifications and to check compliance with standards and best practices. The tool chain also supports the visualization of network topology and security assessment results to reveal possible points of attack.

机译：对于关键的基础设施保护，已经提出了一些标准和最佳实践。但是，关键基础设施资产的规模和复杂性使人工合规性检查非常困难，甚至不是不可能。本文着重于自动化评估电网资产的安全合规性。使用基于谓词演算的安全模型将基础结构元素（例如，设备，服务，协议，访问控制实现）表示为“事实”，将安全标准和最佳做法表示为“规则”，这些规则指定了对事实的约束。应用了一个工具链，以根据规范自动生成安全模型，并检查是否符合标准和最佳实践。该工具链还支持网络拓扑和安全评估结果的可视化，以揭示可能的攻击点。

著录项

来源
《Critical Infrastructure Protection II》|2008年|P.173-187|共15页
会议地点 ArlingtonVA(US)
作者
Zahid Anwar; Roy Campbell;
展开▼
作者单位

International Federation for Information Processing(IFIP);

IFIP 290;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类世界经济波动与经济危机;
关键词
security best practices; compliance assessment; first order logic;

机译：安全最佳实践；合规评估；一阶逻辑;

相似文献

外文文献
中文文献
专利

1. Exploring the Effect of Knowledge Transfer Practices on User Compliance to IS Security Practices [J] . Tonia San Nicolas-Rocca, Benjamin Schooley, Janine L. Spears International journal of knowledge management . 2014,第2期

机译：探索知识转移实践对用户遵守IS安全实践的影响
2. The impact of educational materials on compliance and persistence rates with adjuvant aromatase inhibitor treatment: First-year results from the Compliance of ARomatase Inhibitors AssessmenT In Daily practice through Educational approach (CARIATIDE) study [J] . NevenP., MarkopoulosC., TannerM., The Breast : . 2014,第4期

机译：辅助芳香化酶抑制剂治疗对教材的依从性和持久性的影响：通过教育方法（CARIATIDE）研究在日常实践中对芳香酶抑制剂的依从性评估的第一年结果
3. Automation reliability, human-machine system performance, and operator compliance: A study with airport security screeners supported by automated explosives detection systems for cabin baggage screening [J] . Applied Ergonomics . 2020,第期

机译：自动化可靠性，人机系统性能和操作员合规性：通过自动化爆炸物检测系统支持机场安全筛选器，用于机舱行李筛查
4. AUTOMATED ASSESSMENT OF COMPLIANCE WITH SECURITY BEST PRACTICES [C] . Zahid Anwar, Roy Campbell Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection . 2008

机译：自动评估遵守安全最佳实践
5. Inferring Big Five Personality Factors Using Text Analysis Its Assessment and Impact on Prosocial Behavior and IS Security Compliance [D] . Koffi, Bouabre Jean Baptiste. 2020

机译：使用文本分析推断大五个人格因素，其评估和对女性行为的影响，是安全合规性
6. Security practices and regulatory compliance in the healthcare industry [O] . Juhee Kwon, M Eric Johnson -1

机译：医疗保健行业的安全实践和法规遵从
7. Internalization of Information Security Policy and Information Security Practice: A Comparison with Compliance [O] . Park Minjung, Chai Sangmi 2018

机译：信息安全政策内部化与信息安全实践：与合规性的比较

AUTOMATED ASSESSMENT OF COMPLIANCE WITH SECURITY BEST PRACTICES

摘要

著录项

相似文献

相关主题

期刊订阅