Basel Katt scite author profile

Security assurance is the confidence that a system meets its security requirements based on specific evidences that an assurance technique provide. The notion of measuring security is complex and tricky. Existing approaches do not conisder the relevance of the different security requirements to the evaluated application context. Furthermore, they are mostly qualitative in nature and are heavily based on manual processing, which make them costly and time consuming. Therefore, they are not widely used and applied, especially by small and medium-sized enterprises (SME), which constitute the backbone of the Norwegian economy, In this paper, we propose a quantification method that aims at evaluating security assurance of systems by measuring (1) the level of confidence that the mechanisms fulfilling security requirements are present and (2) the vulnerabilities associated with possible security threats are absent. Additionally, an assurance evaluation process is proposed. Two case studies applying our method are presented. The case studies use our assurance method to evaluate the security level of two REST APIs developed by Statistics Norway, where one of the authors is employed. One of the REST APIs is public and the other is private. Analyzes show that the API with the most security mechanisms implemented got a slightly higher security assurance score. This was due to the fact that the vulnerabilities were considered more harmful in one of the cases as the security objectives diverged.

show abstract

Smart Policing for a Smart World Opportunities, Challenges and Way Forward

Yamin

Shalaginov

Katt

2020

View full text Add to dashboard Cite

Our world is getting evolved to smart world day by day. This smart world is being developed to make people life easier through the data generated by the smart devices. Data is the fuel that powers the smart world evolution, however, making things smart have its consequences. Smart devices are inherently vulnerable to cyber attacks, that's why we are observing an increase in crimes related to cyber space comparing to physical space. To address these crimes, police of the future need to evolve as well and data will be at the center stage of this evolution. In this contribution we are proposing a data centric policing proposal for smart cities. We analyzed current and developing technologies and the opportunities they offered for smart policing for a smart world.

show abstract

System security assurance: A systematic literature review

Shukla

Katt

Nweke

et al. 2022

Computer Science Review

View full text Add to dashboard Cite

Privacy and Access Control for IHE-Based Systems

Katt

Breu

Hafner

et al.

View full text Add to dashboard Cite

An Ontology-Based Context Model for Managing Security Knowledge in Software Development

Wen

Katt

2018

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Basel Katt

Cyber ranges and security testbeds: Scenarios, functions, tools and architecture

Weaponized AI for cyber attacks

Anomaly Detection in the Cloud: Detecting Security Incidents via Machine Learning

Quantitative security assurance metrics

Smart Policing for a Smart World Opportunities, Challenges and Way Forward

System security assurance: A systematic literature review

Privacy and Access Control for IHE-Based Systems

An Ontology-Based Context Model for Managing Security Knowledge in Software Development

Contact Info

Product

Resources

About