{"title":"Developing a Threat Model for Enterprise Storage Area Networks","authors":"C. DeCusatis","doi":"10.1109/IAW.2006.1652070","DOIUrl":null,"url":null,"abstract":"The need for improved security has been widely recognized in the information technology industry, particularly for enterprise storage area networks (SANs). However, until recently there has been relatively little development of threat models which specifically address the unique requirements of these networks. In this paper, we present a method for quantifying risk, justifying security upgrade costs, and proactively assessing threats to an enterprise-class SAN. The threat model suggests that a centralized approach to security management based on the host processor may be more effective than a distributed approach based on the edge of the network. Examples of enterprise server security features developed to address these threats are discussed, along with performance results on host-based encryption and a roadmap for future security enhancements","PeriodicalId":326306,"journal":{"name":"2006 IEEE Information Assurance Workshop","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 IEEE Information Assurance Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IAW.2006.1652070","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
The need for improved security has been widely recognized in the information technology industry, particularly for enterprise storage area networks (SANs). However, until recently there has been relatively little development of threat models which specifically address the unique requirements of these networks. In this paper, we present a method for quantifying risk, justifying security upgrade costs, and proactively assessing threats to an enterprise-class SAN. The threat model suggests that a centralized approach to security management based on the host processor may be more effective than a distributed approach based on the edge of the network. Examples of enterprise server security features developed to address these threats are discussed, along with performance results on host-based encryption and a roadmap for future security enhancements
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
