Quantitative Assessment of Enterprise Security System

13 years 11 months ago

Download dit.unitn.it

—In this paper we extend a model-based approach to security management with concepts and methods that provide a possibility for quantitative assessments. For this purpose we introduce security metrics and explain how they are aggregated using the underlying model as a frame. We measure numbers of attack of certain threats and estimate their likelihood of propagation along the dependencies in the underlying model. Using this approach we can identify which threats have the strongest impact on business security objectives and how various security controls might differ with regard to their effect in reducing these threats.

Ruth Breu, Frank Innerhofer-Oberperfler, Artsiom Y

Real-time Traffic

IEEEARES 2008 | Model-based Approach | Security | Security Metrics | Security Privacy |

claim paper

» ModelBased Risk Assessment to Improve Enterprise Security

» Assessment of Enterprise Information Security The Importance of Prioritization

» An OVALbased active vulnerability assessment system for enterprise computer networks

» Security Ontologies Improving Quantitative Risk Analysis

» Enterprise in context assessing the usability of parallel programming environments

» Information system security compliance to FISMA standard a quantitative measure

» Enterprise Architecture Analysis for Data Accuracy Assessments

» Developing Secure Networked WebBased Systems Using Modelbased Risk Assessment and UMLsec

Post Info
More Details (n/a)

Added	31 May 2010
Updated	31 May 2010
Type	Conference
Year	2008
Where	IEEEARES
Authors	Ruth Breu, Frank Innerhofer-Oberperfler, Artsiom Yautsiukhin

Comments (0)

Sciweavers

Quantitative Assessment of Enterprise Security System

IEEEARES 2008 | Model-based Approach | Security | Security Metrics | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers