Quantitative Assessment of Enterprise Security System

  title={Quantitative Assessment of Enterprise Security System},
  author={Ruth Breu and Frank Innerhofer-Oberperfler and Artsiom Yautsiukhin},
  journal={2008 Third International Conference on Availability, Reliability and Security},
In this paper we extend a model-based approach to security management with concepts and methods that provide a possibility for quantitative assessments. For this purpose we introduce security metrics and explain how they are aggregated using the underlying model as a frame. We measure numbers of attack of certain threats and estimate their likelihood of propagation along the dependencies in the underlying model. Using this approach we can identify which threats have the strongest impact on… CONTINUE READING
Highly Cited
This paper has 38 citations. REVIEW CITATIONS

From This Paper

Figures, tables, and topics from this paper.
23 Citations
30 References
Similar Papers


Publications citing this paper.
Showing 1-10 of 23 extracted citations


Publications referenced by this paper.
Showing 1-10 of 30 references

Innerhofer-Oberperfler. Model based business driven IT security analysis. InProceedings of the Symposium on Requirements Engineering for Information Security (SREIS

  • F. R. Breu
  • 2005
Highly Influential
4 Excerpts

Loeb.Managing Cybersecurity Resources: a Cost-Benefit Analysis

  • M.P.L.A. Gordon
  • 2006
2 Excerpts

Similar Papers

Loading similar papers…