Record:   Prev Next
作者 Anand, Vijay
書名 Security policy management, threat alleviation and trusted platforms for embedded computing systems
國際標準書號 9781267040565
book jacket
說明 108 p
附註 Source: Dissertation Abstracts International, Volume: 73-02, Section: B, page: 1127
Adviser: Jafa Saniie
Thesis (Ph.D.)--Illinois Institute of Technology, 2011
Security guarantees are a measure of trust that can be placed on computing services in the safeguarding of digital assets. These security goals and guarantees coupled with known and modeled threats to the digital assets shape the security policies for the computing service. In this PhD thesis we establish a causal relationship of security policies with threats, provide an industry standard management framework, Six Sigma, for decision making, changes to the constructs of the Trusted Platform Module to create a controllable security framework and finally show how the security framework can be used in a commercial service
The process of updating and refactoring security policy changes becomes a time consuming and tedious task, especially when threats evolve and computing service constructs change when security policy implementations are implicitly implemented. With the basis of correlation of policies over threats an explicit security policy implementation is proposed such that its adaptability, testability and risk quantification can be achieved without altering the computing service when threats evolve
We experiment policies threat correlation on a hardware system entrusted with security operations referred to as Trusted Platform Module (IPM). An adaptive TPM architecture is proposed to counter evolving threats by integrating a FPGA block to alter and patch firmware and change ciphering systems. We present how security guarantees in an IT infrastructure can be met with a TPM and thereby should be an integral part of computing services along with other security constructs like firewalls, intrusion detection systems, anti-virus etc
Adaptive security policy requires a management process wherein the risk management, cost effectiveness principles can be identified such that decisions can be made on the trust criteria of digital assets in an industrial management framework. The security policy creation and management process presented in this thesis is based on Six Sigma model and presents a method to adapt security goals and risk management of a computing service
As an effective implementation of the security policy the case of application commerce workflow for developers is presented. Secure application distribution and execution guarantees lie in the transfer of trust between various processes in a computing service, also known as Chain of Trust in an embedded system. This study presents application development workflows facilitating secure commerce of digital assets thereby improving consumer trust
School code: 0091
Host Item Dissertation Abstracts International 73-02B
主題 Engineering, Electronics and Electrical
Computer Science
0544
0984
Alt Author Illinois Institute of Technology
Record:   Prev Next