UID:
almafu_9960073751502883
Umfang:
1 online resource (367 p.)
Ausgabe:
1st edition
ISBN:
9786612954917
,
9781282954915
,
1282954911
,
9780123814159
,
0123814154
Serie:
The MK/OMG Press
Inhalt:
In this day of frequent acquisitions and perpetual application integrations, systems are often an amalgamation of multiple programming languages and runtime platforms using new and legacy content. Systems of such mixed origins are increasingly vulnerable to defects and subversion. System Assurance: Beyond Detecting Vulnerabilities addresses these critical issues. As a practical resource for security analysts and engineers tasked with system assurance, the book teaches you how to use the Object Management Group's (OMG) expertise and unique standards to obtain accurate knowledge about
Anmerkung:
Description based upon print version of record.
,
Front Cover; System AssuranceBeyond DetectingVulnerabilities; Copyright; Dedication; Contents; Foreword; Preface; Chapter 1: Why hackers know more about our systems; 1.1. Operating In Cyberspace Involves Risks; 1.2. Why Hackers Are Repeatedly Successful; 1.3. What are the challenges in defending cybersystems?; 1.4. Where Do We Go From Here?; 1.5. Who Should Read This Book?; Bibliography; Chapter 2: Confidence as a product; 2.1. Are You Confident That There Is No Black Cat In The Dark Room?; 2.2. The Nature of Assurance; 2.3. Overview of the assurance process; Bibliography
,
Chapter 3: How to build confidence3.1. Assurance in the System Life Cycle; 3.2. Activities of System Assurance Process; Bibliography; Chapter 4: Knowledge of system as an element of cybersecurity argument; 4.1. What is System?; 4.2. Boundaries of the System; 4.3. Resolution of the system description; 4.4. Conceptual Commitment for System Descriptions; 4.5. System Architecture; 4.6. Example of an Architecture Framework; 4.7. Elements of a System; 4.8. System Knowledge Involves Multiple Viewpoints; 4.9. Concept of Operations (CONOP); 4.10. Network Configuration
,
4.11. System Life Cycle and AssuranceBibliography; Chapter 5: Knowledge of risk as an element of cybersecurity argument; 5.1. Introduction; 5.2. Basic Cybersecurity Elements; 5.3. Common Vocabulary for threat identification; 5.4. Systematic threat identification; 5.5. Assurance Strategies; 5.6. Assurance of the threat identification; Bibliography; Chapter 6: Knowledge of vulnerabilities as an element of cybersecurity argument; 6.1. Vulnerability as a unit of Knowledge; 6.2. Vulnerability databases; 6.3. Vulnerability life cycle; 6.4. NIST Security Content Automation Protocol (SCAP) Ecosystem
,
BibliographyChapter 7: Vulnerability patterns as a new assurance content; 7.1. Beyond Current SCAP Ecosystem; 7.2. Vendor-neutral vulnerability patterns; 7.3. Software Fault Patterns; 7.4. Example Software Fault Pattern; Bibliography; Chapter 8: OMG software assurance ecosystem; 8.1. Introduction; 8.2. OMG assurance ecosystem: toward collaborative cybersecurity; Bibliography; Chapter 9: Common fact model for assurance content; 9.1. Assurance Content; 9.2. The Objectives; 9.3. Design Criteria for Information Exchange Protocols; 9.4. Trade-offs; 9.5. Information Exchange Protocols
,
9.6. The Nuts and Bolts of Fact Models9.7. The Representation of Facts; 9.8. The Common Schema; 9.9. System Assurance Facts; Bibliography; Chapter 10: Linguistic models; 10.1. Fact Models and Linguistic Models; 10.2. Background; 10.3. Overview of SBVR; 10.4. How to Use SBVR; 10.5. SBVR Vocabulary for Describing Elementary Meanings; 10.6. SBVR Vocabulary for Describing Representations; 10.7. SBVR Vocabulary for Describing Extensions; 10.8. Reference schemes; 10.9. SBVR Semantic Formulations; Bibliography; Chapter 11: Standard protocol for exchanging system facts; 11.1. Background
,
11.2. Organization of the KDM Vocabulary
,
English
Weitere Ausg.:
ISBN 9780123814142
Weitere Ausg.:
ISBN 0123814146
Sprache:
Englisch
