DocumentCode
2960064
Title
Development of security metrics for a distributed messaging system
Author
Savola, Reijo M. ; Abie, Habtamu
Author_Institution
VTT Tech. Res. Centre of Finland, Oulu, Finland
fYear
2009
fDate
14-16 Oct. 2009
Firstpage
1
Lastpage
6
Abstract
Carefully designed security metrics of practical relevance can be used to provide evidence of the security behavior of the system under development or operation. This study investigates a practical development of security metrics for a distributed messaging system based on threat and vulnerability analysis and security requirements. Our approach is thus requirement-centric. The high-level security requirements are expressed in terms of lower-level measurable components applying a decomposition approach. Both non-attack strategy oriented and attacker behaviour oriented metrics are investigated. The available on-line evidence information of the security performance of the system is integrated with off-line metrics to enable holistic decision-making for security management of the system.
Keywords
middleware; security of data; software metrics; telecommunication security; attacker behaviour oriented metrics; distributed messaging system; high-level security requirement; lower level measurable component; nonattack strategy oriented metrics; requirement-centric approach; security metrics development; security performance online evidence information; security requirements; threat analysis; vulnerability analysis; Current measurement; Decision making; Distributed information systems; Fluid flow measurement; Genetics; Information security; Message-oriented middleware; Monitoring; Quality of service; Resilience;
fLanguage
English
Publisher
ieee
Conference_Titel
Application of Information and Communication Technologies, 2009. AICT 2009. International Conference on
Conference_Location
Baku
Print_ISBN
978-1-4244-4739-8
Electronic_ISBN
978-1-4244-4740-4
Type
conf
DOI
10.1109/ICAICT.2009.5372566
Filename
5372566
Link To Document