A new approach to evaluating security assurance

Author

Ouedraogo, Moussa ; Mouratidis, Haralambos ; Hecker, Artur ; Bonhomme, Cedric ; Khadraoui, Djamel ; Dubois, Eric ; Preston, David

Author_Institution

Public Res. Center Henri Tudor, Kirchberg, Luxembourg

fYear

2011

fDate

5-8 Dec. 2011

Firstpage

215

Lastpage

221

Abstract

This paper first analyzes the current gap in the literature in security assurance. It then proposes new metrics for the appraisal of security assurance at runtime. Our metrics are based on key concepts pertinent to gaining confidence on a security mechanism to meet its functions. Such parameters include: security correctness; security effectiveness and the quality of the security verification process. Validation of our approach has been achieved through tool implementation, and application to another of security components including firewall, DNS and antivirus.

Keywords

formal verification; risk management; security of data; security assurance evaluation; security correctness; security effectiveness; security mechanism; security verification process; Availability; Fires; Measurement; Probes; Risk management; Security; Security assurance; metrics; risks assessment; verification of security; verification process quality;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Assurance and Security (IAS), 2011 7th International Conference on

Conference_Location

Melaka

Print_ISBN

978-1-4577-2154-0

Type

conf

DOI

10.1109/ISIAS.2011.6122822

Filename

6122822

Link To Document

https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2927694