Security measurement of software-intensive systems is an emerging field, rapidly gaining momentum. Well-designed security metrics offer credible and sufficient evidence of security level and performance for security decision-making. In this study, we introduce a novel security metrics feasibility validation approach, consisting of validation criteria and an associated validation process that takes into account the used measurement approaches and the use of security metrics. The approach is based on the identification of needs for and challenges in using security metrics, and the identification of good properties of security metrics from related work
There exists a large number of suggestions for how to measure security, and in many cases the goal i...
Adequate information security effectiveness during system operation is the ultimate goal of all secu...
The lack of adequate information security solutions in software-intensive systems can have serious c...
Security measurement of software-intensive systems is an emerging field, rapidly gaining momentum. W...
It is a widely accepted management principle that an activity cannot be managed well if it cannot be...
Appropriate information security solutions for software-intensive systems, together with evidence of...
Quantification of information security can be used to obtain evidence to support decision-making abo...
This paper begins with an introduction to security metrics, describing the need for security metrics...
Measurement is one of the foundations of sound engineering practices, be-cause-as Tom DeMarco put it...
We introduce a novel high-level security metrics objective taxonomization model for software- intens...
It is a widely accepted management principle that an activity cannot be managed well if it cannot be...
The management of information security becomes easier if suitable metrics can be developed to offer ...
Abstract: We introduce a novel high-level security metrics objective taxonomization model for soft-w...
In this paper, basic issues of measuring security as a system property are discussed. While traditi...
How secure is a software product or a telecommunication network, or their fusion? In order to obtain...
There exists a large number of suggestions for how to measure security, and in many cases the goal i...
Adequate information security effectiveness during system operation is the ultimate goal of all secu...
The lack of adequate information security solutions in software-intensive systems can have serious c...
Security measurement of software-intensive systems is an emerging field, rapidly gaining momentum. W...
It is a widely accepted management principle that an activity cannot be managed well if it cannot be...
Appropriate information security solutions for software-intensive systems, together with evidence of...
Quantification of information security can be used to obtain evidence to support decision-making abo...
This paper begins with an introduction to security metrics, describing the need for security metrics...
Measurement is one of the foundations of sound engineering practices, be-cause-as Tom DeMarco put it...
We introduce a novel high-level security metrics objective taxonomization model for software- intens...
It is a widely accepted management principle that an activity cannot be managed well if it cannot be...
The management of information security becomes easier if suitable metrics can be developed to offer ...
Abstract: We introduce a novel high-level security metrics objective taxonomization model for soft-w...
In this paper, basic issues of measuring security as a system property are discussed. While traditi...
How secure is a software product or a telecommunication network, or their fusion? In order to obtain...
There exists a large number of suggestions for how to measure security, and in many cases the goal i...
Adequate information security effectiveness during system operation is the ultimate goal of all secu...
The lack of adequate information security solutions in software-intensive systems can have serious c...