Another research area which is receiving a lot of attention
is the identification of vulnerabilities of existing protocols and
equipment [56], [57], as well as on methodologies by which to
analyse existing networks in order to detect and mitigate vulnerabilities.
These methodologies generally focus on detecting
chains of vulnerabilities [58] or developing attack trees [59],
as overcoming even low levels of security on a network often
involves exploiting a series of several vulnerabilities before
effecting a meaningful compromise. Such analysis is vital in
the formulation of an effective security policy, which is often
one of the most difficult aspects of successfully securing a
network. Not only does the creation of a security policy require
careful analysis of equipment and protocols, the means of
addressing identified vulnerabilities must be balanced against
cost and practicality of execution. It is important to remember
that a security implementation should not interfere with the
operation of personnel or equipment, else it will likely be
circumvented by its users.
Another research area which is receiving a lot of attentionis the identification of vulnerabilities of existing protocols andequipment [56], [57], as well as on methodologies by which toanalyse existing networks in order to detect and mitigate vulnerabilities.These methodologies generally focus on detectingchains of vulnerabilities [58] or developing attack trees [59],as overcoming even low levels of security on a network ofteninvolves exploiting a series of several vulnerabilities beforeeffecting a meaningful compromise. Such analysis is vital inthe formulation of an effective security policy, which is oftenone of the most difficult aspects of successfully securing anetwork. Not only does the creation of a security policy requirecareful analysis of equipment and protocols, the means ofaddressing identified vulnerabilities must be balanced againstcost and practicality of execution. It is important to rememberthat a security implementation should not interfere with theoperation of personnel or equipment, else it will likely becircumvented by its users.
การแปล กรุณารอสักครู่..