A new security evaluation method using regular grammar to describe the required security mechanisms against software threats

2014 ◽  
Author(s):  
Saman Hedayatpour ◽  
Nazri Kama
Keyword(s):  
Evaluation Method ◽  
Security Evaluation ◽  
Regular Grammar

A Practical Conflicting Role-based Cloud Security Risk Evaluation Method

2019 ◽  
Vol 13 ◽  
Author(s):  
Jin Han ◽  
Jing Zhan ◽  
Xiaoqing Xia ◽  
Xue Fan
Keyword(s):  
Risk Evaluation ◽  
Evaluation Method ◽  
Service Providers ◽  
Risk Preferences ◽  
Cloud Service ◽  
Cloud Security ◽  
Third Party ◽  
Security Evaluation ◽  
Security Risk ◽  
Cloud Users

Background: Currently, Cloud Service Provider (CSP) or third party usually proposes principles and methods for cloud security risk evaluation, while cloud users have no choice but accept them. However, since cloud users and cloud service providers have conflicts of interests, cloud users may not trust the results of security evaluation performed by the CSP. Also, different cloud users may have different security risk preferences, which makes it difficult for third party to consider all users' needs during evaluation. In addition, current security evaluation indexes for cloud are too impractical to test (e.g., indexes like interoperability, transparency, portability are not easy to be evaluated). Methods: To solve the above problems, this paper proposes a practical cloud security risk evaluation method of decision-making based on conflicting roles by using the Analytic Hierarchy Process (AHP) with Aggregation of Individual priorities (AIP). Results: Not only can our method bring forward a new index system based on risk source for cloud security and corresponding practical testing methods, but also can obtain the evaluation result with the risk preferences of conflicting roles, namely CSP and cloud users, which can lay a foundation for improving mutual trusts between the CSP and cloud users. The experiments show that the method can effectively assess the security risk of cloud platforms and in the case where the number of clouds increased by 100% and 200%, the evaluation time using our methodology increased by only by 12% and 30%. Conclusion: Our method can achieve consistent decision based on conflicting roles, high scalability and practicability for cloud security risk evaluation.

Fuzzy Logic-Based Security Evaluation of Stream Cipher

2015 ◽  
pp. 277-298 ◽  
Author(s):  
Sattar B. Sadkhan Al Maliky ◽  
Sabiha F. Jawad
Keyword(s):  
Fuzzy Logic ◽  
Stream Cipher ◽  
Evaluation Method ◽  
Shift Register ◽  
Fuzzy Rules ◽  
Linear Feedback Shift Register ◽  
Linear Feedback ◽  
Security Evaluation ◽  
Maximum Period ◽  
Feedback Shift Register

The main aim of this chapter is to provide a security evaluation method based on fuzzy logic “for a pseudo-random sequences used (mainly) in stream cipher systems. The designed Fuzzy rules consider two main parameters, which are the length of the maximum period of the key sequence obtained from Linear Feedback Shift Register (LFSR) and the entropy of the result in sequences obtained from different lengths of the shift registers. The security (complexity) evaluation method is applied to the summation generator (a type of non-linear feedback shift register) in this chapter. First it is applied to its original well-known form (with one bit memory); then the evaluation method is applied to the developed summation generator (by varying the number of the delayed bits by two and by three bits). The acceptability of the results of developed evaluation method indicates a goodness of such developed approach in the security evaluation.

A Design of the Network Security Evaluation System

2014 ◽  
Vol 686 ◽  
pp. 458-462
Author(s):  
Zi Yan Shi ◽  
Guo Lin Zhao ◽  
Qiao Lin Hu
Keyword(s):  
Network Security ◽  
Evaluation System ◽  
Evaluation Method ◽  
Evaluation Model ◽  
Normal Operation ◽  
Management Tool ◽  
Security Evaluation ◽  
Security Risk ◽  
Security Threat ◽  
Management Tools

The security evaluation for an information network system is an important management tool to insure its normal operation. We must realize the significance of the comprehensive network security risks. A network evaluation model and the algorithm are presented and adapt the hierarchical method to characterize the security risk situation. The evaluation method is used to evaluate the key nodes and the mathematics is used to analyze the whole network security situation. Compared with others, the method can automatically create a rule-based security evaluation model to evaluate the security threat from the individual security elements and the combination of security elements, and then evaluation the network situation. It is shown that this system provides a valuable model and algorithms to help to find the security rules, adjust the security measure, improve the security performance and design the appropriate security risk evaluation and management tools.

Analysis of Security for Water Supply Network Based on the AHP Fuzzy Theory

2014 ◽  
Vol 1073-1076 ◽  
pp. 1023-1026
Author(s):  
Jiao Wang ◽  
Xin Zhang
Keyword(s):  
Water Supply ◽  
Evaluation System ◽  
Evaluation Method ◽  
Statistical Data ◽  
Fuzzy Theory ◽  
Security Evaluation ◽  
Supply Network ◽  
Urban Water Supply ◽  
Water Supply Network ◽  
Mathematical Evaluation

Fuzzy mathematical evaluation method, is mainly rely on experience to determine the membership function for data processing. The water supply network security evaluation system is established based on network historical statistical data. A reasonable evaluation of urban water supply network in shanxi has been carried in the application of AHP to determine the factor weight of fuzzy mathematics.

Entropy Weight Multi-Level Fuzzy Comprehensive Evaluation in Power Plant Security Based on Reliability Identification

2012 ◽  
Vol 482-484 ◽  
pp. 2390-2395
Author(s):  
De Qiang Li
Keyword(s):  
Power Plant ◽  
Evaluation System ◽  
Evaluation Method ◽  
Comprehensive Evaluation ◽  
Evaluation Model ◽  
Fuzzy Comprehensive Evaluation ◽  
Security Evaluation ◽  
Fuzzy Evaluation ◽  
Entropy Weight ◽  
Multi Level

In the paper, we establish an evaluation system in the study of four aspects such as people, regulation, equipment and technology management, field management and engineering construction. We present an entropy weight multi-level fuzzy comprehensive evaluation model in power plant security on the basis of reliability identification. Firstly, it identifies the reliability of power plant security evaluation system. Secondly, it can meet the condition that the system is reliable. Then it obtains the indicator weight of all levels in the evaluation system by the entropy weight method. Finally, it carries out a comprehensive evaluation in power plant security by the multi-level fuzzy evaluation method.

Sign in / Sign up

Export Citation Format

Share Document