• DocumentCode
    2764075
  • Title

    Results-oriented security

  • Author

    Bishop, Martin ; Ford, Richard ; Ramilli, M.

  • Author_Institution
    Dept. of Comput. Sci., Univ. of California at Davis, Davis, CA, USA
  • fYear
    2011
  • fDate
    18-19 Oct. 2011
  • Firstpage
    42
  • Lastpage
    49
  • Abstract
    Current security practice is to examine incoming messages, commands, data, and executing processes for attacks that can then be countered. This position paper argues that this practice is counterproductive because the number and variety of attacks are far greater than we can cope with. We propose a results-oriented approach, in which one focuses on the step of the attack that realizes the compromise. Thus, the manner in which the compromise is effected becomes less important than the actual result, and prevention, detection, and recovery efforts are focused on that.
  • Keywords
    message authentication; data security; execution process; message security; results-oriented security; Computers; Context; Intrusion detection; Malware; Monitoring; Software;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Malicious and Unwanted Software (MALWARE), 2011 6th International Conference on
  • Conference_Location
    Fajardo
  • Print_ISBN
    978-1-4673-0031-5
  • Type

    conf

  • DOI
    10.1109/MALWARE.2011.6112325
  • Filename
    6112325