A Decision-Theoretic Approach to Measuring Security

Port, Dan; Wilf, Joel

doi:10.24251/hicss.2017.737

Proceedings of the 50th Hawaii International Conference on System Sciences (2017) 2017

DOI: 10.24251/hicss.2017.737

|View full text |Cite

A Decision-Theoretic Approach to Measuring Security

Dan Port

Joel Wilf

Abstract: The question "is this system secure?" is notoriously difficult to answer. The

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2019

Publication Types

Select...

Book1

Relationship

Self Cite0

Independent1

Authors

Journals

Cited by 1 publication

References 9 publications

(10 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

Quantitative Security Assurance

Katt

Prasher

2019

Advances in Information Security, Privacy, and Ethics

View full text Add to dashboard Cite

Security assurance is the confidence that a system meets its security requirements and is resilient against security vulnerabilities and failures. Existing approaches can be characterized as (1) qualitative in nature, (2) tend to achieve their goals manually to a large extent, (3) very costly, (4) development-process oriented, and finally, (3) treat all security requirements within one domain equally for all applications regardless of the context. In this chapter, the authors propose a security assurance framework and its assurance evaluation process. The framework and process depend on a quantitative security assurance metrics that were developed too. The proposed metric considers both the security requirements and vulnerability. Weight has been introduced to the security requirement metric to measure the importance of security requirements that need to be fulfilled. The framework with the proposed quantitative assurance metrics are evaluated and validated using two field case studies related to two operational REST APIs that belong to and are used by Statistics Norway.

show abstract

Quantitative Security Assurance

Katt

Prasher

2019

Advances in Information Security, Privacy, and Ethics

View full text Add to dashboard Cite

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

A Decision-Theoretic Approach to Measuring Security

Abstract: The question "is this system secure?" is notoriously difficult to answer. The

Cited by 1 publication

References 9 publications

Quantitative Security Assurance

Quantitative Security Assurance

Contact Info

Product

Resources

About