Presentation | 2009-11-13 Identifying Potentially-Impacted Area using CVSS for Networked Systems Toshiki HARADA, Akira KANAOKA, Eiji OKAMOTO, Masahiko KATO, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | CVSS (Common Vulnerability Scoring System) is a vulnerability scoring method. CVSS is composed of three metrics groups: Base, Temporal, and Environmental. Currently, only the Base score is used. The Environmental score which must be used for evaluating risk of the vulnerability in each network or system environment, and its parameters are hard to be determined uniquely. The cause is attributed to difficulty of determining "Target Dstribution (TD)" that is the parameter indicating coverage of vulnerable systems, and rough granularity of TD. We propose a method for identifying the potentially-impacted area by vulnerabilities in networked systems in perspective of three points: confidentiality, integrity and availability. We also simulate proliferation of the potentially-impacted area over the network model. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | CVSS / environmental score / network model / cloud computing |
Paper # | ICSS2009-54 |
Date of Issue |
Conference Information | |
Committee | ICSS |
---|---|
Conference Date | 2009/11/6(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information and Communication System Security (ICSS) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Identifying Potentially-Impacted Area using CVSS for Networked Systems |
Sub Title (in English) | |
Keyword(1) | CVSS |
Keyword(2) | environmental score |
Keyword(3) | network model |
Keyword(4) | cloud computing |
1st Author's Name | Toshiki HARADA |
1st Author's Affiliation | Graduate School of Systems and Information Engineering Department, University of Tsukuba() |
2nd Author's Name | Akira KANAOKA |
2nd Author's Affiliation | Graduate School of Systems and Information Engineering Department, University of Tsukuba |
3rd Author's Name | Eiji OKAMOTO |
3rd Author's Affiliation | Graduate School of Systems and Information Engineering Department, University of Tsukuba |
4th Author's Name | Masahiko KATO |
4th Author's Affiliation | IIJ Technology Inc. |
Date | 2009-11-13 |
Paper # | ICSS2009-54 |
Volume (vol) | vol.109 |
Number (no) | 285 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |