Organizing electronic services into security taxonomies - revised

PDF Version Also Available for Download.

Description

With increasing numbers of commercial and government services being considered for electronic delivery, effective vulnerability analysis will become increasingly critical, Organizing sets of proposed electronic services into security taxonomies will be a key part of this work. However, brute force enumeration of services and risks is inefficient, and ad hoc methods require re-invention with each new set of services. Furthermore, both such approaches fail to communicate effectively the tradeoffs between vulnerabilities and features in a set of electronic services, and fail to scale to large sets of service. From our experience advising players considering electronic delivery, we have developed a ... continued below

Physical Description

11 p.

Creation Information

Smith, S.W. & Pedersen, P.S. January 1, 1997.

Context

This report is part of the collection entitled: Office of Scientific & Technical Information Technical Reports and was provided by UNT Libraries Government Documents Department to Digital Library, a digital repository hosted by the UNT Libraries. More information about this report can be viewed below.

Who

People and organizations associated with either the creation of this report or its content.

Authors

  • Smith, S.W. IBM T.J. Watson Research Center, Yorktown Heights, NY (United States)
  • Pedersen, P.S. Los Alamos National Lab., NM (United States)

Sponsor

Publisher

Provided By

UNT Libraries Government Documents Department

Serving as both a federal and a state depository library, the UNT Libraries Government Documents Department maintains millions of items in a variety of formats. The department is a member of the FDLP Content Partnerships Program and an Affiliated Archive of the National Archives.

Contact Us

What

Descriptive information to help identify this report. Follow the links below to find similar items on the Digital Library.

Description

With increasing numbers of commercial and government services being considered for electronic delivery, effective vulnerability analysis will become increasingly critical, Organizing sets of proposed electronic services into security taxonomies will be a key part of this work. However, brute force enumeration of services and risks is inefficient, and ad hoc methods require re-invention with each new set of services. Furthermore, both such approaches fail to communicate effectively the tradeoffs between vulnerabilities and features in a set of electronic services, and fail to scale to large sets of service. From our experience advising players considering electronic delivery, we have developed a general, systematic, and scalable methodology that addresses these concerns. In this paper, we present this methodology, and apply it to the example of electronic services offered via kiosks (since kiosk systems are representative of a wide range of security issues in electronic commerce).

Physical Description

11 p.

Notes

OSTI as DE97002317

Source

  • Other Information: PBD: [1997]

Language

Item Type

Identifier

Unique identifying numbers for this report in the Digital Library or other systems.

  • Other: DE97002317
  • Report No.: LA-UR--96-3767
  • Grant Number: W-7405-ENG-36
  • DOI: 10.2172/420392 | External Link
  • Office of Scientific & Technical Information Report Number: 420392
  • Archival Resource Key: ark:/67531/metadc685212

Collections

This report is part of the following collection of related materials.

Office of Scientific & Technical Information Technical Reports

Reports, articles and other documents harvested from the Office of Scientific and Technical Information.

Office of Scientific and Technical Information (OSTI) is the Department of Energy (DOE) office that collects, preserves, and disseminates DOE-sponsored research and development (R&D) results that are the outcomes of R&D projects or other funded activities at DOE labs and facilities nationwide and grantees at universities and other institutions.

What responsibilities do I have when using this report?

When

Dates and time periods associated with this report.

Creation Date

  • January 1, 1997

Added to The UNT Digital Library

  • July 25, 2015, 2:20 a.m.

Description Last Updated

  • May 20, 2016, 1:39 p.m.

Usage Statistics

When was this report last used?

Yesterday: 0
Past 30 days: 0
Total Uses: 2

Interact With This Report

Here are some suggestions for what to do next.

Start Reading

PDF Version Also Available for Download.

Citations, Rights, Re-Use

Smith, S.W. & Pedersen, P.S. Organizing electronic services into security taxonomies - revised, report, January 1, 1997; New Mexico. (digital.library.unt.edu/ark:/67531/metadc685212/: accessed November 24, 2017), University of North Texas Libraries, Digital Library, digital.library.unt.edu; crediting UNT Libraries Government Documents Department.