Advances in Information Security
Volume 232006
Quality of ProtectionSecurity Measurements and MetricsEditors:
ISBN: 978-0-387-29016-4 (Print) 978-0-387-36584-8 (Online)
About this book
Information security in the business setting has matured in the last few decades. Standards, such as IS017799, the Common Criteria’s, and a number of industry and academic certifications and risk analysis methodologies, have raised the bar on what is considered good security solution, from a business perspective. Yet, the evaluation of security solutions has largely a qualitative flavor. Notions such as Security Metrics, Quality of Protection (QoP) or Protection Level Agreement (PLA) have only surfaced in the literature.
Quality of Protection: Security Measurements and Metrics is an edited volume based on the Quality of Protection Workshop at ESORICS 2005, the flagship European Symposium on Research in Computer Security. This book discusses how security research can progress towards a notion of quality of protection in security, comparable to the notion of quality of service in networking and software measurements and metrics, in empirical software engineering.
Quality of Protection: Security Measurements and Metrics is designed for a professional audience, composed of researchers and practitioners in industry. This book is also suitable for graduate-level students in computer science and telecommunications.
Table of contents Preface.- Industrial Experience.- Security Risk Analysis.- Security Quality Assurance.- Measurement-Based Decision Making and Risk Management.- Empirical Assessment of Security Architectures and Solutions.- Mining Data from Attacks and Vulnerabilities Repositories.- Security Metrics.- Measurement Theory and Formal Theories of Security Metrics.- Security Measurement and Monitoring.- Experimental Verification and Validation of Models.- Simulation and Statistical Analysis, Stochastic Modeling.- Reliability Analysis.- Index.
扫码加好友,拉您进群
全部版块
我的主页
收藏
