FORMAL ANALYSIS METHODS OF NETWORK SECURITY DESIGN
Mariusz Stawowski
2007
Abstract
An assessment of network security design correctness requires an analysis of many aspects, e.g. security zones correctness, access control protection layers as well as protections tightness against intrusions. Using formal methods based on graph theory in medium up to large-scale networks can greatly speed up and improve accuracy of performing security analysis. The analysis models and methods described in this document allow for quick identification of network security design errors resulted from breaking the “Compartmentalization of Information” and the “Defense-in-Depth” security principles, checking if protections used allow for security incidents handling as well as verification of many other security aspects. The analysis methods developed here can be used during network security design process and also for security assessment of existing computer information systems.
DownloadPaper Citation
in Harvard Style
Stawowski M. (2007). FORMAL ANALYSIS METHODS OF NETWORK SECURITY DESIGN . In Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007) ISBN 978-989-8111-12-8, pages 313-318. DOI: 10.5220/0002118903130318
in Bibtex Style
@conference{secrypt07,
author={Mariusz Stawowski},
title={FORMAL ANALYSIS METHODS OF NETWORK SECURITY DESIGN},
booktitle={Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)},
year={2007},
pages={313-318},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002118903130318},
isbn={978-989-8111-12-8},
}
in EndNote Style
TY - CONF
JO - Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)
TI - FORMAL ANALYSIS METHODS OF NETWORK SECURITY DESIGN
SN - 978-989-8111-12-8
AU - Stawowski M.
PY - 2007
SP - 313
EP - 318
DO - 10.5220/0002118903130318