Title :
Towards security effectiveness measurement utilizing risk-based security assurance
Author :
Savola, Reijo M. ; Pentikäinen, Heimo ; Ouedraogo, Moussa
Author_Institution :
VTT Tech. Res. Centre of Finland, Oulu, Finland
Abstract :
Systematic and practical approaches to risk-driven operational security evidence help ensure the effectiveness and efficiency of security controls in business-critical applications and services. This paper introduces an enhanced methodology to develop security effectiveness metrics that can be used in connection with correctness assurance of security controls. This methodology is then applied to an example system: a Push E-mail service. The methodology is based on threat and vulnerability analysis, and parallel security requirement and system architecture decomposition.
Keywords :
electronic mail; security of data; correctness assurance; parallel security requirement; push e-mail service; risk based security assurance; risk driven operational security evidence; security control; security effectiveness measurement; system architecture decomposition; Availability; Context; Electronic mail; Measurement; Risk analysis; Security; Servers; security assurance level; security effectiveness metrics; security measurement; security metrics;
Conference_Title :
Information Security for South Africa (ISSA), 2010
Conference_Location :
Sandton, Johannesburg
Print_ISBN :
978-1-4244-5493-8
DOI :
10.1109/ISSA.2010.5588322