Information Assurance Measures and Metrics " State of Practice and Proposed Taxonomy
HICSS '03 Proceedings of the 36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 9 - Volume 9
A Taxonomy of Information Security for Service-Centric Systems
EUROMICRO '07 Proceedings of the 33rd EUROMICRO Conference on Software Engineering and Advanced Applications
A Systematic Review and Comparison of Security Ontologies
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
GEMOM - Significant and Measurable Progress beyond the State of the Art
ICSNC '08 Proceedings of the 2008 Third International Conference on Systems and Networks Communications
Applicability of security metrics for adaptive security management in a universal banking hub system
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Innovations and Advances in Adaptive Secure Message Oriented Middleware
ICDCSW '10 Proceedings of the 2010 IEEE 30th International Conference on Distributed Computing Systems Workshops
Security-Measurability-Enhancing Mechanisms for a Distributed Adaptive Security Monitoring System
SECURWARE '10 Proceedings of the 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies
Security ontology for annotating resources
OTM'05 Proceedings of the 2005 OTM Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, COA, and ODBASE - Volume Part II
Can we measure security and how?
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Hi-index | 0.00 |
Measurement of any complex, operational system is challenging due to the continuous independent evolution of the components. Security risks introduce another dimension of dynamicity, reflected to risk management and security assurance activities. The availability of different measurements and their properties will vary during the overall system lifecycle. To be useful, a measurement framework in this context needs to be able to adapt to both the changes in the target of measurement and in the available measurement infrastructure. In this study, we introduce a taxonomy-based approach for relating the available and attainable measurements to the measurement requirements of security assurance plans by providing an Abstraction Layer that makes it easier to manage these dynamic features. The introduced approach is investigated in terms of a security assurance case example of firewall functionality in a Push E-mail service system.