Kids Library Home

Welcome to the Kids' Library!

Search for books, movies, music, magazines, and more.

Available items only
Record 6 of 90
Previous Record Next Record

Title Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology / Philip S. Anton [and others] ; prepared for the Defense Advanced Research Projects Agency.

Imprint Santa Monica, CA : Rand, 2003.


Location Call No. OPAC Message Status
 Axe JSTOR Open Ebooks  Electronic Book    ---  Available
Description 1 online resource (xxvi, 117 pages) : illustrations
text txt rdacontent
computer c rdamedia
online resource cr rdacarrier
Series Rand note ; MR-1601-DARPA
Rand note ; MR-1601-DARPA.
Bibliography Includes bibliographical references.
Contents Introduction -- Concepts and definitions -- VAM methodology and other DoD practices in risk assessment -- Vulnerability attributes of system objects -- Direct and indirect security techniques -- Generating security options for vulnerabilities -- Automating and executing the methodology: a spreadsheet tool -- Next steps and discussion -- Summary and conclusions -- Appendix: Vulnerability to mitigation map values.
Summary Understanding an organization's reliance on information systems and how to mitigate the vulnerabilities of these systems can be an intimidating challenge--especially when considering less well-known weaknesses or even unknown vulnerabilities that have not yet been exploited. The authors, understanding the risks posed by new kinds of information security threats, build on previous RAND mitigation techniques by introducing the Vulnerability Assessment and Mitigation (VAM) methodology. The six-step procedure uses a top-down approach to protect against future threats and system failures while mitigating current and past threats and weaknesses. The authors lead evaluators through the procedure of classifying vulnerabilities in their systems' physical, cyber, human/social, and infrastructure elements, and identifying which security techniques can be relevant for these vulnerabilities. The authors also use VAM to break down information compromises into five fundamental components of attack or failure: knowledge, access, target vulnerability, non-retribution, and assessment. In addition, a new automated tool implemented as an Excel spreadsheet is discussed; this tool greatly simplifies using the methodology and emphasizes analysis on cautions, risks, and barriers.
Note Print version record.
Subject Computer security.
Data protection.
Risk assessment.
Engineering & Applied Sciences.
Computer Science.
COMPUTERS -- Internet -- Security.
COMPUTERS -- Networking -- Security.
COMPUTERS -- Security -- General.
Computer security. (OCoLC)fst00872484
Data protection. (OCoLC)fst00887958
Risk assessment. (OCoLC)fst01098146
Engineering & Applied Sciences.
Computer Science.
Genre/Form Electronic books.
Electronic books.
Added Author Antón, Philip S.
United States. Defense Advanced Research Projects Agency.
Added Title Vulnerability assessment & mitigation methodology
Vulnerability assessment and mitigation methodology
Other Form: Print version: Finding and fixing vulnerabilities in information systems. Santa Monica, CA : Rand, 2003 0833034340 (DLC) 2003012342 (OCoLC)52349150
ISBN 0833035991 (electronic bk.)
9780833035998 (electronic bk.)
0833034340 (pbk.)
9780833034342 (pbk.)
Standard No. AU@ 000050961668
AU@ 000053227778
AU@ 000061155435
DEBBG BV043096954
DEBBG BV044078090
DEBSZ 396053971
DEBSZ 422391255
GBVCP 1008648558
GBVCP 801138582
NZ1 11773902
NZ1 14234682

Available items only