Computer security analysis model based on fault tree

Tao Zhang,Mingzeng Hu,Xiaochun YUN,Yongzheng Zhang,ming Zheng
DOI: https://doi.org/10.3321/j.issn:1002-0470.2005.07.004
2005-01-01
Abstract:System visitors were classified into five kinds by their privilege to access system resource by analysing computer resource, visitor privilege, security requirement, vulnerability, etc. The attacker can enhance his privilege using vulnerability. According to distribution of vulnerabilities privilege set, fault tree should be constructed to analyze the system security states under different security requirement condition, and this method could express qualitative security states using attack path and quantificational security states using attack success probability via analyzing fault tree.
What problem does this paper attempt to address?