Scenario-Based Evaluation of a Method for System Security Assessment
Independent thesis Basic level (professional degree), 10 points / 15 hpStudent thesis
This thesis evaluates a method for system security assessment (MASS), developed at the Swedish Defence Research Agency in Linköping. The evaluation has been carried out with the use of scenarios, consisting of three example networks and several modifications of those. The results from the scenarios are then compared to the expectations of the author and a general discussion is taken about whether or not the results are realistic.
The evaluation is not meant to be exhaustive, so even if MASS had passed the evaluation with flying colors, it could not have been regarded as proof that the method works as intended. However, this was not the case; even though MASS responded well to the majority of the modifications, some issues indicating possible adjustments or improvements were found and commented on in this report.
The conclusion from the evaluation is therefore that there are issues to be solved and that the evaluated version of MASS is not ready to be used to evaluate real networks. The method has enough promise not to be discarded, though. With the aid of the issues found in this thesis, it should be developed further, along with the supporting tools, and be re-evaluated.
Place, publisher, year, edition, pages
Institutionen för systemteknik , 2005. , 77 p.
Computer security, Assessment, Information systems, Metrics
IdentifiersURN: urn:nbn:se:liu:diva-6004ISRN: LiTH-ISY-EX-ET--05/0316--SEOAI: oai:DiVA.org:liu-6004DiVA: diva2:21597
2006-01-09, Algoritmen, Hus B, Institutionen för systemteknik, Linköpings universitet, 581 83, Linköping, 13:15
Hallberg, JonasHunstad, Amund