Towards security effectiveness measurement utilizing risk-based security assurance

@article{Savola2010TowardsSE,
  title={Towards security effectiveness measurement utilizing risk-based security assurance},
  author={Reijo Savola and Heimo Pentik{\"a}inen and Moussa Ouedraogo},
  journal={2010 Information Security for South Africa},
  year={2010},
  pages={1-8}
}
Systematic and practical approaches to risk-driven operational security evidence help ensure the effectiveness and efficiency of security controls in business-critical applications and services. This paper introduces an enhanced methodology to develop security effectiveness metrics that can be used in connection with correctness assurance of security controls. This methodology is then applied to an example system: a Push E-mail service. The methodology is based on threat and vulnerability… CONTINUE READING

Citations

Publications citing this paper.

References

Publications referenced by this paper.
SHOWING 1-10 OF 22 REFERENCES

Methodology for Service-Oriented Management of Security Assurance in Communication Infrastructures

  • 2008 11th IEEE High Assurance Systems Engineering Symposium
  • 2008
VIEW 4 EXCERPTS
HIGHLY INFLUENTIAL

Software Security: Building Security In

  • 2006 17th International Symposium on Software Reliability Engineering
  • 2006
VIEW 5 EXCERPTS
HIGHLY INFLUENTIAL

Directions in Security Metrics Research

VIEW 3 EXCERPTS
HIGHLY INFLUENTIAL

Security-Measurability-Enhancing Mechanisms for a Distributed Adaptive Security Monitoring System

  • 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies
  • 2010
VIEW 1 EXCERPT

Measuring cyber security and information assurance: a state-of-the-art report

N. Bartol, B. Bates, K. M. Goertzel, T. Winograd
  • Information Assurance Technology Analysis Center IATAC, May 2009.
  • 2009
VIEW 1 EXCERPT

Similar Papers