An enterprise assurance framework

Authors:
D. J. Landoll;J. R. Williams
Affiliations:
-;-
Venue:
WET-ICE '96 Proceedings of the 5th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'96)
Year:
1996

Citing 2
Cited 1

A taxonomy of computer program security flaws

ACM Computing Surveys (CSUR)
Pretty good assurance

NSPW '95 Proceedings of the 1995 workshop on New security paradigms

Working Group Report on Application Security

WET-ICE '96 Proceedings of the 5th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'96)

Quantified Score

Hi-index	0.00

Visualization

Abstract

The paper explores generating and conveying confidence in enterprise security. An enterprise assurance framework provides a structure enterprise assurance evidence that strengthens and clarifies the overall enterprise assurance argument. The structure and components of these arguments are defined and then applied to an enterprise. Finally, standards of evidence and evidence trade-offs are mentioned. The paper is largely based on a recent NIST internal report called "A Framework for Reasoning about Assurance".