UMLsec: Extending UML for Secure Systems Development
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
Information security models and metrics
Proceedings of the 43rd annual Southeast regional conference - Volume 2
Is risk a good security metric?
Proceedings of the 2nd ACM workshop on Quality of protection
Computer Standards & Interfaces
Security metrics for source code structures
Proceedings of the fourth international workshop on Software engineering for secure systems
Experimental comparison of attack trees and misuse cases for security threat identification
Information and Software Technology
Security metrics for software systems
Proceedings of the 47th Annual Southeast Regional Conference
Security Estimation Framework: Design Phase Perspective
ITNG '09 Proceedings of the 2009 Sixth International Conference on Information Technology: New Generations
Information and Software Technology
Security Metrics for Object-Oriented Class Designs
QSIC '09 Proceedings of the 2009 Ninth International Conference on Quality Software
M-BPSec: a method for security requirement elicitation from a UML 2.0 business process specification
ER'07 Proceedings of the 2007 conference on Advances in conceptual modeling: foundations and applications
Secure Systems Development with UML
Secure Systems Development with UML
Estimating risk levels for vulnerability categories using CVSS
International Journal of Internet Technology and Secured Transactions
Hi-index | 0.00 |
A lack of security metrics signifies that it is not possible to measure the success of security policies, mechanisms and implementations, and security cannot, in turn, be improved if it cannot be measured. The importance of the use of metrics to obtain security quality is thus widely accepted. However, the definition of security metrics concerns a discipline which is still in its first stages of development, meaning that few documented resources or works centring on this subject exist to date. In this paper we shall therefore study the latest existing models with which to define security metrics and their components as aspects that have a bearing on the quality of software products with the intention that this will serve as a basis for continued advancement in research into this area of knowledge.