Improving system security during the design phase is challenging but can be cost-effective in the long run. Security metrics are a way to measure and manage a system's ability to minimize possible attack opportunities. While several design-level security metrics exist to evaluate vulnerabilities in system design, it is unclear which metrics provide a sound scientific basis for their characterization. Lack of security knowledge among average development teams and the lack of tool support are additional challenges.

In this work, we present a data-driven approach for the security evaluation of system designs to address the above challenges. The approach aims to incrementally improve system security and decision-making at design time. We integrate the attack surface metric, which we found to be sound in our evaluation of widely used security metrics, and leverage external data sources to characterize the structural security posture of software systems. Several tools are developed to automate the approach.

I express my sincere gratitude to Professor James Green, who played a critical role in advancing my research career. His willingness to enable me to explore and apply my ideas, however ambitious they may be, allowed me to further my learning and impact the community in more ways than one. I thank Professor Mohammed Ibnkhala, who encouraged me to pursue graduate studies and provided me with the guidance and resources needed to succeed. I convey my heartfelt gratitude to my family for all their love, encouragement, and support. I also thank my friends, who were more than happy to hear about my work and encourage me throughout this journey.