Quality Of Protection Security Measurements and Metrics
Information security in the business setting has matured in the last few decades. Standards, such as ISO17799, the Common Criteria, and a number of industry and academic certifications and risk analysis methodologies, have raised the bar on what is considered a good security solution, from a busines...
Other Authors: | , , |
---|---|
Format: | eBook |
Language: | English |
Published: | New York, NY, Springer US, 2006 |
Edition: | 1st ed. 2006 |
Series: | Advances in Information Security |
Collection: | Springer eBooks 2005- - Collection details see MPG.ReNa |
Table of Contents:
- Motivations
- Why to adopt a security metric? A brief survey
- Service-oriented Assurance — Comprehensive Security by Explicit Assurances
- Measurements: Reliability vs Security
- Software Security Growth Modeling: Examining Vulnerabilities with Reliability Growth Models
- A Discrete Lognormal Model for Software Defects Affecting Quality of Protection
- Time-to-Compromise Model for Cyber Risk Reduction Estimation
- Assessing the risk of using vulnerable components
- Collection and analysis of attack data based on honeypots deployed on the Internet
- Quantitative Security Models
- Multilevel Security and Quality of Protection
- A Conceptual Model for Service Availability
- A SLA evaluation methodology in Service Oriented Architectures
- Towards a Notion of Quantitative Security Analysis
- Metrics for Anonymity and Confidentiality
- The Lower Bound of Attacks on Anonymity Systems — A Unicity Distance Approach
- Intersection Attacks on Web-Mixes: Bringing the Theory into Praxis
- Using Guesswork as a Measure for Confidentiality of Selectively Encrypted Messages
- Measuring Inference Exposure in Outsourced Encrypted Databases