Organizing electronic services into security taxonomies - revised Page: 4 of 12
This report is part of the collection entitled: Office of Scientific & Technical Information Technical Reports and was provided to UNT Digital Library by the UNT Libraries Government Documents Department.
Extracted Text
The following text was automatically extracted from the image on this page using optical character recognition software:
FROM DIST SEC SYSTEMS TO 915056655220
Organizing Electronic Services into Security Taxonomies
Sean W, Smith
IBM TJ. Watson Research Center
RO. Box 704
Yorktovm Thights. NY 10598
sean@watson-zbm.com
Abstract
Wit increasing numbers of couuuemcial and goverment
services being considered for electronic delivery, effec-
tive vulnerability analysis will become increasingly crit-
ical. Organizing sets of proposed electronic services
into security taxonomies will be a key pa of this work.
However, brute force enumeration of services and risks
is iueflicient, and ad hoc methods require rt-iwvearon
with each new set of services. Furthermore, both such
approaches fail to communicate effectively the rudtfts
between vulnerabilities and features in a set of electronic
services, and fail to scale to urge sets ofservices. frum
our experience advising players considering electronic
delivery, we have developed a general, systematic, and
scalable methodology that addresses these concerns. In
this paper, we present this methodology, and apply it
to the example of electronic services offered via kiosks
(since kiosk systems are representative of a wide range
of security issues in electronic commerce).
1. The Problem
A.s busines--commercial services provided to customers
as well as government services provided to citizens-
migrates to tlodrninc settings, the contributions of se-
curity research are many: from developing underlying
technology; to applying this technology to construct par-
ticular methods for secure service delivery, to verifying
(both formally and experimentally) the security of these
methods.
However, between the decision to enter the electronic
marketplace and the decision to deploy a specific service
via a specific delivery method lies a period of ploration.
Thiseserhwasperformed whiletterasauthor was withLos Alamos
Nadonal Laboratory, aed tis paper is registered as a Los Atamos
Unclassioed Release. ThLs researo was sponsored in pwnt ly die
Deparent of Energy, under contact number W-7405-ENCkZ6. The
views and oehnluionc aonmied m thk Aocument are those of the
action alone.Paul S. Pedersen
Los Alamos National Laboratory
Mail Stop 2,65
Los Alamos, NM 87545
pedersen@lanl.gov
WC beLieve osearcal needs to address this gap: how to
illuminate the issues and tradeoffs between variations of
serve ices and delivery technologica. We offer this paper as
an initial contribution: an attempt to extract a systematic
methodology fum ow work in this arca-
In general, vulnerability analysis consists of speci-
fying the vulneaablities and points of attack to whiuh
a given service is susceptible. However, in practice, we
have found that managers considering electronic delivery
usually provide a large set of slated services, and im-
plicitly expect the analysis to communicate the tradeoffs
between vulnerabilities and features. Consequently, the
ability to organize a set of services into a strnctre that
clearly and concisely expresses their relations and their
security risks is crucial for such an analysis to be effec-
tive. The understanding that an effective vulnerability
analysis provides is, in turn, crucial for the decision on
deploying electronic services to be sound.
The question, then, is how to construct and express
this struture. Brute force enumeration of services and
risks is inefficient and fails to meet the customer's im-
plicit goals. Ad hoc methods require re-invention with
each new set of services, and can fail to communicate
the tradeoffs effectively. Furthermore, these methods do
not scale to large sets of services-and comIunicating
anything effectively for a large set requires understanding
and exploiting organization inherent in that set.
on the other hand, a systematic methodology pro-
vides both efficiency for the analyst as well as effective
communication for the customer Ftrthennore. a suffi-
ciently general methodology can also apply directly to
orgaizing points of attack (since these are essentially
just potential services unintentionally offered to the ad-
versay). Additionally, a sufficiently expressive method-
ology can provide an understanding of the structure un-
d rly lug a given set of scriccs, which in turn can reveal
when that set is incomplete.
From ourexperience inorganizingelexosuc services
into security taxonomies as part of vulnerability analy-
ses, we have developed a general, systematic uctjhodol-OCT 7 '96 11:00
PAGE. 002/009
Upcoming Pages
Here’s what’s next.
Search Inside
This report can be searched. Note: Results may vary based on the legibility of text within the document.
Tools / Downloads
Get a copy of this page or view the extracted text.
Citing and Sharing
Basic information for referencing this web page. We also provide extended guidance on usage rights, references, copying or embedding.
Reference the current page of this Report.
Smith, S. W. & Pedersen, P. S. Organizing electronic services into security taxonomies - revised, report, January 1, 1997; New Mexico. (https://digital.library.unt.edu/ark:/67531/metadc685212/m1/4/: accessed April 25, 2024), University of North Texas Libraries, UNT Digital Library, https://digital.library.unt.edu; crediting UNT Libraries Government Documents Department.