Journal of Computer Networks and Communications

Research Article

System Health Monitoring Using a Novel Method: Security Unified Process

Algorithm 1

Risk assessment ().
Require: SGT = [ 𝐢 , 𝐼 , 𝐴 ] { Security-golden-triangle}
Require:   𝐸 = [ 𝑒 1 , 𝑒 2 , 𝑒 3 , … , 𝑒 𝑛 ] {Experts}
 1: Cube = [Business, Logical, Physical] {Security Cube}
 2: Business = [Human]
 3: Logical = [Foreign, Country, Organization, Personal, Organizational, Platform, Application, Strategy, Protocol,
  Communication, Design]
 4: Physical = [Media, Storage, Where, Hardware Component]
 5: for  each 𝑑 ∈ Cube  do
 6:  for  each 𝑠 ∈ 𝑑   do
 7:   A = AssetIdentification ( 𝑑 , 𝑠 ) { 𝑑 : domains, 𝑠 : sections}
 8:  end  for
 9: end  for
 10: 𝑇 = ThreatIdentification() {Threat Identification 𝑇 = [ 𝑑 1 , 𝑑 1 , … , 𝑑 𝑛 ] }
 11: Evaluation( 𝐸 , SGT) {CIA Triad Evaluation}
 12: for each π‘Ž ∈ 𝐴   do
 13:   𝑉 [ π‘Ž ] = VulnerabilityIdentification( π‘Ž ) {Vulnerability Identification 𝑉 = [ 𝑣 1 , 𝑣 2 … , 𝑣 𝑛 ] }
 14: end  for
 15: 𝑅 = RiskIdentification( 𝐴 , 𝑉 ) {Risk Identification 𝑅 = [ π‘Ÿ 1 , π‘Ÿ 2 , … , π‘Ÿ 𝑛 ] }
 16: for  each   π‘Ž ∈ 𝐴   do
 17:   A V [ π‘Ž ] = AssetValue( 𝐸 , π‘Ž ) {Asset value}
 18: end  for
 19: for  each   𝑣 ∈ 𝑉   do
 20:   V E [ 𝑣 ] = VulnerabilityEffect( 𝐸 , 𝑣 ) {Vulnerability Effect}
 21: end  for
 22: for  each   𝑑 ∈ 𝑇   do
 23:   T E [ 𝑑 ] = ThreatEffect( 𝐸 , 𝑑 ) {Threat Effect}
 24: end  for
 25: for  each   π‘Ÿ ∈ 𝑅   do
 26:  FRA = Fuzzification( π‘Ÿ β‹… π‘Ž ) {related asset}
 27:  FRV = Fuzzification( π‘Ÿ β‹… 𝑣 ) {related vulnerability}
 28:  FRT = Fuzzification( π‘Ÿ β‹… 𝑑 ) {related threat}
 29:   R E [ π‘Ÿ ] = defuzzification(FRA, FRV, FRT)
 30: end  for
 31: Return  SRE = Sort(RE)