Title: Model for evaluation of SOA security metrics using attack graphs

Authors: Jan Magott, Marek Woda

Addresses: Institute of Computer Engineering, Control and Robotics, Wroclaw University of Technology, Janiszewskiego 11-17, 50-372 Wroclaw, Poland; Institute of Computer Engineering, Control and Robotics, Wroclaw University of Technology, Janiszewskiego 11-17, 50-372 Wroclaw, Poland

Abstract: This paper proposes a risk assessment approach for service oriented architecture (SOA). The proposal is based on a service availability metric, which is the probability that the service is available. Foundations for calculating this probability by simulation using attack graphs are given. An attack graph is a representation of actions that end in a state where an intruder has achieved his/her goal. Resource consumption, in terms of host processing time and utilisation of the bandwidth of physical connections, is the new feature of an atomic attack given in this paper. Taking into account the resources engaged, attacks have been divided into resource-charging attacks (performance attacks) and non-resource-charging attacks (functional attacks). The attack graphs for the second type of attack are similar to the attack graphs presented in the literature. The attack graphs for the first type of attack are new. A model of an intrusion detection system is also given.

Keywords: SOA; service oriented architecture; security metrics; attack graphs; attack models; service availability; resource consumption; performance attacks; functional attacks; intrusion detection.

DOI: 10.1504/IJCCBS.2010.031712

International Journal of Critical Computer-Based Systems, 2010 Vol.1 No.1/2/3, pp.161 - 177

Published online: 21 Feb 2010
