Formalized Framework(s) for
Modeling of Security?
•How do we model the characteristics of
–Data, Protocols, Relationships, Time, Hardware, Software
–Objects, Algorithms, Abstraction, Level of Detail, Audience?
•Formal Models
–Howard, Amoroso, Landwehr, Cohen, Hale
•What can we learn from the experiences of other areas, e.g. the High Level Architecture (HLA) effort, CVE, and Common Criteria?
•
Value of formalized models, e.g. OSI should be evident

Drivers in HLA – DOD components, war fighting
Drivers in Common Criteria – vendors, government, need for international level