Publication | Closed Access
Towards security effectiveness measurement utilizing risk-based security assurance
16
Citations
14
References
2010
Year
Unknown Venue
Security ModellingSecurity ArchitectureInformation Security ManagementEngineeringInformation SecuritySecurity Effectiveness MetricsRisk ManagementSecurity AssessmentSecuritySoftware EngineeringSystems EngineeringSecurity EvaluationRisk-based Security AssuranceRisk AnalysisPush E-mail ServiceSecurity MeasurementSystem Architecture Decomposition
Systematic and practical approaches to risk-driven operational security evidence help ensure the effectiveness and efficiency of security controls in business-critical applications and services. This paper introduces an enhanced methodology to develop security effectiveness metrics that can be used in connection with correctness assurance of security controls. This methodology is then applied to an example system: a Push E-mail service. The methodology is based on threat and vulnerability analysis, and parallel security requirement and system architecture decomposition.
| Year | Citations | |
|---|---|---|
Page 1
Page 1