Was bedeutet Attack Tree?
Das International Software Architecture Qualification Board (ISAQB) definiert den Begriff „Attack Tree“ wie folgt:
Unter Attack Tree versteht man „
Formal way to describe different approaches of an attacker to reach certai
goals. The tree is usally structured with the attack goal on top and differen
approaches as child nodes. Each approach is likely to have dependencies whic
are again listed as child nodes
The possibiliy of a certain way to attack an IT-system can be analyzed b
assigning additional attributes to each node. Examples could be the estimate
costs of an attack or if an attack approach is possible or not by referencin
countermeasures.See Bruce Schneier on “Modeling security threats”.
Category: Security
„
Wenn Sie ähnliche Fachbegriffe wie Attack Tree nachschlagen müssen, schauen Sie doch einfach in unserm umfangreichen Glossar nach. Oder durchsuchen Sie unser Wörterbuch:
