Difference between revisions of "Attack Tree"

From CIPedia
Jump to navigation Jump to search
(Definitions)
 
Line 40: Line 40:
 
[[Category:CIPRNet-Glossary]][[Category:DIESIS-Glossary]][[Category:Analysis]]
 
[[Category:CIPRNet-Glossary]][[Category:DIESIS-Glossary]][[Category:Analysis]]
 
{{#set:defined by=EU project|defined by=IETF}}
 
{{#set:defined by=EU project|defined by=IETF}}
 +
{{#set: Showmainpage=Yes}}

Latest revision as of 22:20, 27 June 2019


Definitions

European Project Definitions

CIPRNet project

The CIPRNet project [1] uses the following definition:

"Attack Trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes". [2]


DIESIS project

The DIESIS project [3] gives the following definition:

"Attack Trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes". [2]



Standard Definition

IETF

A branching, hierarchical data structure that represents a set of potential approaches to achieving an event in which system security is penetrated or compromised in a specified way.[4]


Discussion Topic

See discussion in [4].

See also

Notes

  1. http://www.ciprnet.eu/
  2. 2.0 2.1 Bruce Schneier (1999). Attack Trees. Dr Dobb's Journal, v.24, n.12, December 1999
  3. http://www.diesis-project.eu/
  4. 4.0 4.1 IETF RFC449 Internet Security Glossary 2

References