Sciweavers

STORAGESS
2005
ACM

Toward a threat model for storage systems

14 years 5 months ago
Toward a threat model for storage systems
The growing number of storage security breaches as well as the need to adhere to government regulations is driving the need for greater storage protection. However, there is the lack of a comprehensive process to designing storage protection solutions. Designing protection for storage systems is best done by utilizing proactive system engineering rather than reacting with ad hoc countermeasures to the latest attack du jour. The purpose of threat modeling is to organize system threats and vulnerabilities into general classes to be addressed with known storage protection techniques. Although there has been prior work on threat modeling primarily for software applications, to our knowledge this is the first attempt at domain-specific threat modeling for storage systems. We discuss protection challenges unique to storage systems and propose two different processes to creating a threat model for storage systems: one based on classical security principles (Confidentiality, I ntegrity, A...
Ragib Hasan, Suvda Myagmar, Adam J. Lee, William Y
Added 26 Jun 2010
Updated 26 Jun 2010
Type Conference
Year 2005
Where STORAGESS
Authors Ragib Hasan, Suvda Myagmar, Adam J. Lee, William Yurcik
Comments (0)