Security assurance is the confidence that a system meets its security requirements based on specific evidences that an assurance technique provide. The notion of measuring security is complex and tricky. Existing approaches either (1) consider one aspect of assurance, like security requirements fulfillment, or threat/vulnerability existence, or (2) do not consider the relevance of the different security requirements to the evaluated application context. Furthermore, they are mostly qualitative in nature and are heavily based on manual processing, which make them costly and time consuming. Therefore, they are not widely used and applied, especially by small and medium-sized enterprises (SME), which constitute the backbone of the Norwegian ec...
In order to obtain evidence of the security and privacy issues of products, services or an organizat...
Assurance is commonly considered as “something said or done to inspire confidence” (Webster dictiona...
Abstract—Systematically developed security metrics make it possible to gather sufficient and credibl...
Security assurance is the confidence that a system meets its security requirements based on specific...
Security assurance is the confidence that a system meets its security requirements, based on specifi...
Security assurance (SA) is a technique that helps organizations to appraise the trust and confidence...
Security Assurance is commonly defined as the ground for confidence on the security mechanisms to me...
It is a widely accepted management principle that an activity cannot be managed well if it cannot be...
Measurement is one of the foundations of sound engineering practices, be-cause-as Tom DeMarco put it...
This short note describes a number of methods for assessing security in a quantitative way. Next to ...
In this paper, basic issues of measuring security as a system property are discussed. While traditi...
Evaluating the software assurance of a product as it functions within a specific system context invo...
Quantification of information security can be used to obtain evidence to support decision-making abo...
Operational security assurance evaluation requires building security metrics models to express the e...
The management of information security becomes easier if suitable metrics can be developed to offer ...
In order to obtain evidence of the security and privacy issues of products, services or an organizat...
Assurance is commonly considered as “something said or done to inspire confidence” (Webster dictiona...
Abstract—Systematically developed security metrics make it possible to gather sufficient and credibl...
Security assurance is the confidence that a system meets its security requirements based on specific...
Security assurance is the confidence that a system meets its security requirements, based on specifi...
Security assurance (SA) is a technique that helps organizations to appraise the trust and confidence...
Security Assurance is commonly defined as the ground for confidence on the security mechanisms to me...
It is a widely accepted management principle that an activity cannot be managed well if it cannot be...
Measurement is one of the foundations of sound engineering practices, be-cause-as Tom DeMarco put it...
This short note describes a number of methods for assessing security in a quantitative way. Next to ...
In this paper, basic issues of measuring security as a system property are discussed. While traditi...
Evaluating the software assurance of a product as it functions within a specific system context invo...
Quantification of information security can be used to obtain evidence to support decision-making abo...
Operational security assurance evaluation requires building security metrics models to express the e...
The management of information security becomes easier if suitable metrics can be developed to offer ...
In order to obtain evidence of the security and privacy issues of products, services or an organizat...
Assurance is commonly considered as “something said or done to inspire confidence” (Webster dictiona...
Abstract—Systematically developed security metrics make it possible to gather sufficient and credibl...