Comprehensible security synthesis for wireless sensor networks
Proceedings of the 3rd international workshop on Middleware for sensor networks
Quantified security is a weak hypothesis: a critical survey of results and assumptions
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Indicator-based architecture-level security evaluation in a service-oriented environment
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Security and performance in service-oriented applications: Trading off competing objectives
Decision Support Systems
Evidential structures and metrics for network forensics
International Journal of Internet Technology and Secured Transactions
Idea: a feasibility study in model based prediction of impact of changes on system quality
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Automated software architecture security risk analysis using formalized signatures
Proceedings of the 2013 International Conference on Software Engineering
Hi-index | 0.00 |
Measuring security is an important step in creating and deploying secure applications. In order to efficiently measure the level of security that an application provides, three problems need to be solved: obviously metrics need to be available, a suitable metrics framework needs to be chosen and implemented, and the resulting measurements need to be interpreted. This work focuses on the second and third problem. We propose an approach to facilitate the selection and integration of appropriate security metrics, and to support the aggregation and interpretation of measurements. Our approach associates security metrics to security patterns, and we exploit the relationships between security patterns and security objectives to enable the interpretation of measurements. The approach is illustrated in a case study.