Glossary entry

English term or phrase:

Horizontal Attack Profile (HAP)

Chinese translation:

横向攻击剖面/视图 (horizontal attack cross-section/view)

Added to glossary by Patrick Cheng
Jul 16, 2018 05:19

English to Chinese, Tech/Engineering: IT (Information Technology), security
James Bottomley, an IBM Research Distinguished Engineer and top Linux kernel developer, writes: "One of the biggest problems with the current debate about Container vs Hypervisor security is that no-one has actually developed a way of measuring security, so the debate is all in qualitative terms (hypervisors 'feel' more secure than containers because of the interface breadth) but no-one actually has done a quantitative comparison." To meet this need, Bottomley created {Horizontal Attack Profile (HAP)}, designed to describe system security in a way that it can be objectively measured. Bottomley has discovered that "a Docker container with a well crafted seccomp profile (which blocks unexpected system calls) provides roughly equivalent security to a hypervisor."
横向攻击配置文件 (horizontal attack configuration file)?
It doesn't feel like a configuration file.
Proposed translations (Chinese)
3 横向攻击剖面/视图 (horizontal attack cross-section/view)
Change log

Jul 18, 2018 01:51: Patrick Cheng Created KOG entry

Discussion

clearwater (asker) Jul 18, 2018:
Thank you both! I'll go with “剖面” (cross-section/profile); it isn't entirely ideal, but I can't find anything better.
Patrick Cheng Jul 16, 2018:
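The main point is that the definition of “配置文件” (configuration file) is very clear: it is a set of parameters that defines how a computer system or piece of software runs. The definition here is also very clear: it is a definition that objectively describes system security (the specifics are not yet known), so translating it directly as “配置文件” feels inappropriate. It might even be better to simply say “横向攻击安全性定义/安全指标” (horizontal attack security definition/security metric).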
Frank Feng Jul 16, 2018:
I think translating profile as “配置文件” (configuration file) here should be fine.
----------------------------------------------------
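After looking closely at the relevant source text, I found that “配置文件” (configuration file) is indeed not suitable. The Profile here is used to describe/measure HA, somewhat like the usage in “customer profile”. Since “customer profile” is often translated as “客户档案” (customer record), could “HA Profile” here be translated as “横向/水平攻击档案” (horizontal attack record)?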
Patrick Cheng Jul 16, 2018:
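Why do you think the profile in HAP is the profile in this link? I read the link, and I think the profile there can be translated as 配置文件 (configuration file), because it defines which system commands can run in seccomp. But I don't see why HAP's profile is the profile in the link. The text here says Bottomley's purpose in defining this profile is to objectively describe system security, but it doesn't say specifically how it is defined. Suppose Bottomley's definition also refers to the availability of certain system commands: even if it looks similar to a configuration file, the purpose is completely different, so it still seems unsuitable to translate it as configuration file. Could something like “视图/规范/协议” (view/specification/protocol) be considered?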
clearwater (asker) Jul 16, 2018:
https://docs.docker.com/engine/security/seccomp/
The profile in HAP is the profile in the link above.

Proposed translations

17 mins
Selected

横向攻击剖面/视图 (horizontal attack cross-section/view)

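I don't know whether there is an established translation, but after reading the following passage by Bottomley, I feel that the profile here refers to a view, or a cross-section, of the entire software/runtime environment (stack) under attack: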
From the measurement point of view, we look at the vertical stack: all code that is traversed to provide a service all the way from input web request to database update to output response potentially contains bugs; the bug density is variable for the different components but the more code you traverse the higher your chance of exposure to exploitable vulnerabilities. We’ll call this the Vertical Attack Profile (VAP) of the stack.
4 KudoZ points awarded for this answer. Comment: "Thank you!"