[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri May 5 19:37:04 2006
From: sol at haveyoubeentested.org (Sol Invictus)
Subject: Patterns and Security Measurement
I would say take a look at the OSSTMM. www.isecom.org/osstmm. There is
also a tool from CIOView that will help you determine your Risk
Assessment Values using the OSSTMM. www.cioview.com.
Hope that helps!
Sol.
Nguyen Pham wrote:
> Hi list,
>
> Actually, I am trying to measure security (and then security
> assurance) level of a complex telecommunication network. I am looking
> for a method/approach/product using sets of predefined, standard
> entities (station, server, firewall, router, ...) and relations
> (forming "patterns" like pipe, cluster, bus, gateway, ...,
> architectures) which have already been measured to simplify the
> process of system security measurement. An aggregation algorithm is
> then needed to arrive at an overall system security value.
>
> Any recommendation of academic or industrial solutions would be welcome.
>
> Other suggestions for solving the problem (security measurement of
> complex network) are also greatly appreciated.
>
> Many thanks,
> Nguyen Pham.
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
>
Powered by blists - more mailing lists