Difference between revisions of "Attack Tree"
Jump to navigation
Jump to search
(→European Definitions) |
(→CIPRNet project) |
||
Line 6: | Line 6: | ||
=== European Project Definitions === | === European Project Definitions === | ||
==== CIPRNet project ==== | ==== CIPRNet project ==== | ||
− | {{quote-ciprnet||"Attack Trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes". {{Schneier99}}}} | + | {{quote-ciprnet||"Attack Trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes". {{Schneier99}}}}<br/> |
− | <br/> | + | |
==== DIESIS project ==== | ==== DIESIS project ==== | ||
{{quote-diesis|"Attack Trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes". {{Schneier99}}}} | {{quote-diesis|"Attack Trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes". {{Schneier99}}}} |
Revision as of 15:30, 21 December 2016
Contents
Definitions
European Project Definitions
CIPRNet project
The CIPRNet project [1] uses the following definition:
DIESIS project
The DIESIS project [2] gives the following definition:
"Attack Trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes". [3]
Other International Definitions
National Definitions
Standard Definition
IETF
A branching, hierarchical data structure that represents a set of potential approaches to achieving an event in which system security is penetrated or compromised in a specified way.[4]
Discussion Topic
See discussion in [4].
See also
Notes
- ↑ http://www.ciprnet.eu/
- ↑ http://www.diesis-project.eu/
- ↑ Bruce Schneier (1999). Attack Trees. Dr Dobb's Journal, v.24, n.12, December 1999
- ↑ 4.0 4.1 IETF RFC449 Internet Security Glossary 2