Difference between revisions of "Attack Tree"

From CIPedia
Jump to navigation Jump to search
m (References)
 
(11 intermediate revisions by 2 users not shown)
Line 4: Line 4:
 
<!-- This section presents all available definitions of the above term.-->
 
<!-- This section presents all available definitions of the above term.-->
  
=== European Definitions ===
+
=== European Project Definitions ===
<!-- Insert here definitions from European institutions or projects, if available. Each new definition should be formatted as a heading level 4, followed by the unformatted text of the definition. An example follows below:
+
==== CIPRNet project ====
-->
+
{{quote-ciprnet|"Attack Trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes". {{Schneier99}}}}<br/>
 +
 
 
==== DIESIS project ====
 
==== DIESIS project ====
{{quote-diesis|"Attack trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes"{{Schneier99}}.}}
+
{{quote-diesis|"Attack Trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes". {{Schneier99}}}}
  
 +
<!--
 
=== Other International Definitions ===
 
=== Other International Definitions ===
<!-- Insert here definitions from international organizations, if available. Each new definition should be formatted as a heading level 4, followed by the unformatted text of the definition. An example follows below: -->
 
==== United Nations’ Definition ====
 
<!-- Insert the definition found in the document “2009 UNISDR Terminology on Disaster Risk Reduction” (this is an example). -->
 
 
 
=== National Definitions ===
 
=== National Definitions ===
<!-- Insert official national definitions, if available.  Each definition should be formatted as a heading level 4, followed by the text of the definition. An example follows below:
 
 
==== Country Name====
 
==== Country Name====
Insert the definition found on the DHS Lexicon (this is an example). -->
+
 
 +
-->
 +
 
  
 
===Standard Definition===
 
===Standard Definition===
<!--Insert the text of the definition. Each definition should be formatted as a heading level 4, followed by the text of the definition. -->
+
====[[IETF]]====
 +
{{definition|A branching, hierarchical data structure that represents a set of potential approaches to achieving an event in which system security is penetrated or compromised in a specified way.<ref name="IETFrefs">[https://tools.ietf.org/html/rfc4949 IETF RFC449 Internet Security Glossary 2]</ref>}}<br />
  
 
== Discussion Topic ==
 
== Discussion Topic ==
<!-- Discuss topics related to the term, such as closely-related terms, differences among definitions, how to use the definitions provided, open issues, etc. -->
+
See discussion in <ref name="IETFrefs">[https://tools.ietf.org/html/rfc4949 IETF RFC449 Internet Security Glossary 2]</ref>.
 
 
 
==See also==
 
==See also==
 
<!-- Add links to related terms -->
 
<!-- Add links to related terms -->
Line 39: Line 38:
  
 
<!-- Add category, i.e. [[Category:Main]] -->
 
<!-- Add category, i.e. [[Category:Main]] -->
[[Category:DIESIS-Glossary]][[Category:Analysis]]
+
[[Category:CIPRNet-Glossary]][[Category:DIESIS-Glossary]][[Category:Analysis]]
 +
{{#set:defined by=EU project|defined by=IETF}}
 +
{{#set: Showmainpage=Yes}}

Latest revision as of 22:20, 27 June 2019


Definitions

European Project Definitions

CIPRNet project

The CIPRNet project [1] uses the following definition:

"Attack Trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes". [2]


DIESIS project

The DIESIS project [3] gives the following definition:

"Attack Trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes". [2]



Standard Definition

IETF

A branching, hierarchical data structure that represents a set of potential approaches to achieving an event in which system security is penetrated or compromised in a specified way.[4]


Discussion Topic

See discussion in [4].

See also

Notes

  1. http://www.ciprnet.eu/
  2. 2.0 2.1 Bruce Schneier (1999). Attack Trees. Dr Dobb's Journal, v.24, n.12, December 1999
  3. http://www.diesis-project.eu/
  4. 4.0 4.1 IETF RFC449 Internet Security Glossary 2

References