攻击树分析

Threat Modeling
John Howard, Thomas Longstaff; “A Common Language for Computer Security Incidents”; Sandia National Laboratories; October 1998. DOI= http://prod.sandia.gov/techlib/access-control.cgi/1998/988667.pdf
Attack Graphs
Anoop Singhal, XimmingOu; “Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs”: National Institute of Standards and Technology; August 2011. DOI= http://csrc.nist.gov/publications/nistir/ir7788/NISTIR-7788.pdf
Ian Green “Extreme Cyber Scenario Planning and Attack Tree Analysis”; Commonwealth Bank of Australia –presented at RSA Conference 2013; Video -http://www.rsaconference.com/media/extreme-cyber-scenario-planning-fault-tree-analysis; Slides -http://www.rsaconference.com/writable/presentations/file_upload/stu-w21b.pdf
Scenario Planning
Peter Schwartz; “The Art of the Long View: Paths to Strategic Insight for Yourself and Your Company”; Currency Doubleday; 1991
“Scenarios: An Explorer’s Guide”; Shell International BV; 2008; http://s05.static-shell.com/content/dam/shell/static/future-energy/downloads/shell-scenarios/shell-scenarios-explorersguide.pdf
Risk Assessment
The Open GrouptmRisk Taxonomy Standard (O-RT): https://www2.opengroup.org/ogsys/catalog/C13K
The Open GrouptmRisk Analysis Standard (O-RA): https://www2.opengroup.org/ogsys/catalog/C13G

你可能感兴趣的:(攻击树分析)