- About
-
The Global ETD Search service is a free service for researchers
to find electronic theses and dissertations. This service is
provided by the
Networked Digital Library of Theses and Dissertations.
Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
Search results
Showing 1 to 4 of 4 (0.091 seconds)Spelling suggestions: "subject:"asecurity assessment tool"" "subject:"asecurity assessment pool""
| 1 |
Design and Implementation of an Environment to Support Development of Methods for Security AssessmentBengtsson, Johan, Brinck, Peter January 2008 (has links)
<p>There is no debate over the importance of IT security. Equally important is the research on security assessment; methods for evaluating the security of IT systems. The Swedish Defense Research Agency has for the last couple of years been conducting research on the area of security assessment. To verify the correctness of these methods, tools are implemented.</p><p>This thesis presents the design and implementation of an environment to support and aid future implementations and evaluations of security assessment methods. The aim of this environment, known as the New Tool Environment, NTE, is to assist the developer by facilitating the more time consuming parts of the implementation. A large part of this thesis is devoted to the development of a database solution, which results in an object/relational data access layer.</p>
|
| 2 |
Design and Implementation of an Environment to Support Development of Methods for Security AssessmentBengtsson, Johan, Brinck, Peter January 2008 (has links)
There is no debate over the importance of IT security. Equally important is the research on security assessment; methods for evaluating the security of IT systems. The Swedish Defense Research Agency has for the last couple of years been conducting research on the area of security assessment. To verify the correctness of these methods, tools are implemented. This thesis presents the design and implementation of an environment to support and aid future implementations and evaluations of security assessment methods. The aim of this environment, known as the New Tool Environment, NTE, is to assist the developer by facilitating the more time consuming parts of the implementation. A large part of this thesis is devoted to the development of a database solution, which results in an object/relational data access layer.
|
| 3 |
Improvement and Scenario-Based Evaluation of the eXtended Method for Assessment of System SecuritySundmark, Thomas January 2008 (has links)
<p>This master’s thesis consists of a scenario-based evaluation of an IT-security assessment method known as the eXtendedMethod for Assessment of System Security (XMASS), as well as an assessment of a real-world network using the softwareimplementation of this method known as the Security AssessmeNT Application (SANTA).This thesis also describes a number of improvements made to the software implementation, some which could also be addedto the method itself. These were performed during the preparation of the assessment but had no effect on the outcome.The evaluation showed that the method and implementation contained a number of flaws in the way the filtering effect ofthe traffic mediators of a network, such as network-based firewalls, was implemented. When it comes to the assessment ofthe real-world network it was seen that the network, given the supplied information regarding the software and hardwaresetup of its entities, appeared to be sufficiently secure to handle the transmission of data at the lowest classification level(Restricted). However, as with almost all security assessments, this does not mean that the network is guaranteed to besecure enough; it just indicates that, given the information specified, the network has the potential of being sufficientlysecure.The main conclusion of this thesis is that the way XMASS and SANTA calculates the effect of filtering traffic mediatorsshould be looked into and improved to increase the usability of the tool. The method can however still be used in its currentstate, but requires the individual(s) performing the assessment to be aware of the drawbacks of the current implementationand thus compensate for these when producing the input for the assessment method.</p>
|
| 4 |
Improvement and Scenario-Based Evaluation of the eXtended Method for Assessment of System SecuritySundmark, Thomas January 2008 (has links)
This master’s thesis consists of a scenario-based evaluation of an IT-security assessment method known as the eXtendedMethod for Assessment of System Security (XMASS), as well as an assessment of a real-world network using the softwareimplementation of this method known as the Security AssessmeNT Application (SANTA).This thesis also describes a number of improvements made to the software implementation, some which could also be addedto the method itself. These were performed during the preparation of the assessment but had no effect on the outcome.The evaluation showed that the method and implementation contained a number of flaws in the way the filtering effect ofthe traffic mediators of a network, such as network-based firewalls, was implemented. When it comes to the assessment ofthe real-world network it was seen that the network, given the supplied information regarding the software and hardwaresetup of its entities, appeared to be sufficiently secure to handle the transmission of data at the lowest classification level(Restricted). However, as with almost all security assessments, this does not mean that the network is guaranteed to besecure enough; it just indicates that, given the information specified, the network has the potential of being sufficientlysecure.The main conclusion of this thesis is that the way XMASS and SANTA calculates the effect of filtering traffic mediatorsshould be looked into and improved to increase the usability of the tool. The method can however still be used in its currentstate, but requires the individual(s) performing the assessment to be aware of the drawbacks of the current implementationand thus compensate for these when producing the input for the assessment method.
|
Page generated in 0.0951 seconds