Method and device for analyzing an information sytem security
3 Assignments
0 Petitions
Accused Products
Abstract
There is proposed a method for analyzing the security of an information system comprising a modeling phase, including modeling of the information system, and a simulating phase, including specification and simulation of potential attack against the information system.
155 Citations
85 Claims
-
1-44. -44. (canceled)
-
45. A method for analyzing the security of an information system comprising:
-
a modelling phase, comprising on the one hand the specification of the architecture of the information system with a graphical representation of a set of components of the system and relations between said components, each component being associated with at least one state initialized with a sound value, the relations between two determined components comprising propagation relations able to convey attacks, and on the other hand the specification of a set of behavioural rules, from the standpoint of the operation of the system and from the standpoint of security, associated with the components of the system, each behavioural rule comprising one or more predicates and/or one or more actions; and
,a simulation phase, comprising the specification and the simulation of potential attacks against the information system, a successful attack causing a state of a component to pass to an unsound value. - View Dependent Claims (46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82)
-
-
83. A device for the implementation of a method for analyzing the security of an information system, said device comprising:
-
a man/machine interface for the implementation of a modelling phase comprising a modelling phase, comprising on the one hand the specification of the architecture of the information system with a graphical representation of a set of components of the system and relations between said components, each component being associated with at least one state initialized with a sound value, the relations between two determined components comprising propagation relations able to convey attacks, and on the other hand the specification of a set of behavioural rules, from the standpoint of the operation of the system and from the standpoint of security, associated with the components of the system, each behavioural rule comprising one or more predicates and/or one or more actions; and
,an attacks/parries engine for a implementation of a simulation phase comprising the specification and the simulation of potential attacks against the information system, a successful attack causing a state of a component to pass to an unsound value. - View Dependent Claims (84, 85)
-
Specification