Sometimes developers must design innovative security solutions that have a rapid development cycle, short lifetime, short time-to-market, and small budget. Security evaluation standards, such as Common Criteria and ISO/IEC 17799, cannot be used due to resource limitations, time-to-market, and other constraints. We propose an alternative time- and cost-effective approach for predicting the security level of a security solution using information sources that are trusted to varying degrees. We show how to assess the trustworthiness of each information source and demonstrate how to aggregate the information obtained from them. We illustrate our approach by showing the security level prediction for two Denial of Service (DoS) solutions.