Research On Security Decision-making Of Information System Based On FTA-AHP Model

Posted on: 2004-02-02
Degree: Master
Type: Thesis
Country: China
Candidate: J Y Xu
Full Text: PDF
GTID: 2168360152457007
Subject: Management Science and Engineering
Abstract/Summary:
Network technology provides the basis for the information era, but it also brings hidden dangers. Shortly after its inception, the Internet had already extended to every corner of the world, beyond the expectations of its original designers. Worryingly, the designers focused only on the openness and interconnection of the Internet, leaving security unattended. Besides, software is getting more and more complex, and its security bugs are being found at an ever-higher speed. Even a trivial bug, exploited by "hackers", might lead to serious consequences such as system breakdown or data loss. With society's growing reliance on information systems, security accidents occur more frequently. The security of information systems draws more attention, and the security industry has emerged as the situation requires.

To address the various security threats that information systems face, security technologies and products are continuously being developed, and security theories are continuously being presented. The solution to information security problems draws upon certain theoretical models of security. The solution is a coherent entity that counters security threats. To meet the objective of "relative security", the solution integrates various security technologies, products, mechanisms, policies, measures and services. As "absolute safety" is impossible to achieve, a security solution that achieves "relative safety" depends on factors related to the system itself (e.g. security objectives, investment capacity and size of the system). When implemented, the security solution may be a single security product or a huge security system. Blind decision-making may lead to extreme consequences: failure to meet the security objectives, or serious waste of security investment. Therefore, decision-making analysis regarding security investment in information systems is especially important.

As part of reliability theory, Fault Tree Analysis (FTA) is an effective tool for analyzing the reliability and security of systems, especially complex ones, which is the focus of this paper. By applying FTA to an information system and developing a system fault tree, the administrators of the information system (who are normally the decision-makers themselves) can gain a clearer picture of the causes of system faults. For the fault event of interest (the top event), all minimal cut sets causing the top event can be determined, and the probability of the top event is calculated from the probabilities of the bottom events. In combination with a hazard assessment of the fault events, the security risk of the system can be estimated. Implementing security solutions reduces the probability of some fault events and, accordingly, that of the top events. As a result, the system risk is reduced. That is, the intended security benefit is achieved through security solutions.

AHP is a multi-purpose decision-making method, both quantitative and qualitative. Taking crucial objectives (investment, security benefit, investment/benefit ratio, etc.) as guiding rules, it replaces the result of subjective comparison between each pair of items in the judgment matrix with the comparison result of objective calculation. Thus it reduces the errors caused by subjective judgment. As a result, decision-makers need only make a subjective comparison of the relative importance of those guiding rules, and can then decide on the best of the multiple security solutions.

This paper deals mainly with how to apply FTA to the information security field in order to develop a benefit-assessment model of security solutions, and how to make an effective decision, based on the result of the benefit assessment and the purpose of the security investment, regarding the composition of the solution, the selection of products and the choice of solutions.
Keywords/Search Tags: information system, security, decision-making, Fault Tree Analysis (FTA), Analytic Hierarchy Process (AHP)
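The FTA steps the abstract describes (minimal cut sets, top-event probability from the bottom events, and the risk reduction a security solution buys) can be worked through as follows. This is an added example, not code or data from the thesis: the fault tree, the probabilities, the loss figure and all function names are constructed for illustration, and bottom events are assumed independent.

```python
from itertools import combinations

# Constructed fault tree (not from the thesis): gates are ("AND"|"OR", [children]);
# leaves are bottom-event names. Top event: "system compromised".
TREE = ("OR", [
    ("AND", ["phishing_succeeds", "no_mfa"]),
    ("AND", ["unpatched_service", "exposed_to_internet"]),
    "insider_misuse",
])
# Constructed annual probabilities of the bottom events, assumed independent.
P = {"phishing_succeeds": 0.30, "no_mfa": 0.50, "unpatched_service": 0.20,
     "exposed_to_internet": 0.40, "insider_misuse": 0.01}

def cut_sets(node):
    """Return all cut sets of a node as a set of frozensets of bottom events."""
    if isinstance(node, str):
        return {frozenset([node])}
    gate, children = node
    child_sets = [cut_sets(c) for c in children]
    if gate == "OR":                       # any child's cut set triggers the gate
        return set().union(*child_sets)
    result = {frozenset()}                 # AND: combine one cut set per child
    for cs in child_sets:
        result = {a | b for a in result for b in cs}
    return result

def minimal_cut_sets(node):
    """Drop every cut set that strictly contains another one."""
    sets = cut_sets(node)
    return {s for s in sets if not any(o < s for o in sets)}

def top_probability(mcs, p):
    """Exact P(top) by inclusion-exclusion over the minimal cut sets."""
    mcs, total = list(mcs), 0.0
    for k in range(1, len(mcs) + 1):
        for combo in combinations(mcs, k):
            prob = 1.0
            for e in frozenset().union(*combo):   # shared events counted once
                prob *= p[e]
            total += (-1) ** (k + 1) * prob
    return total

def security_benefit(tree, p, reduced, loss):
    """Risk = P(top) * loss; benefit = risk before minus risk after the solution."""
    mcs = minimal_cut_sets(tree)
    return (top_probability(mcs, p) - top_probability(mcs, {**p, **reduced})) * loss
```

Calling `security_benefit(TREE, P, {"no_mfa": 0.05}, 1_000_000)` gives the expected annual loss avoided by a solution that lowers one bottom-event probability, which is the kind of benefit figure an AHP comparison of candidate solutions would take as input alongside cost.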