A transaction flow approach to a computer operating environment security evaluation

Author

Susan E. Hicks

Date of Award

12-1989

Degree Type

Thesis

Degree Name

Master of Science

Major

Computer Science

Major Professor

William J. McClain

Committee Members

David W. Straight, Tom Dunigan

Abstract

This thesis presents the application of a software security evaluation methodology to a computer operating environment based on the VAX/VMS operating system. The evaluation methodology is based on a transaction flow analysis approach that involves the systematic analysis of security exposures and controls in a computer operating environment. The system is viewed as a set of transactions performed on the objects of the system with each transaction represented in a data flow diagram. The objectives of the evaluation methodology are to identify the exposures that exist in a system, to determine the controls provided to protect those exposures, and to assess the effectiveness of the controls in preventing or detecting exploitation of the exposures.

Recommended Citation

Hicks, Susan E., "A transaction flow approach to a computer operating environment security evaluation. " Master's Thesis, University of Tennessee, 1989.
https://trace.tennessee.edu/utk_gradthes/12967