Krautsevich L., Martinelli F., Yautsiukhin A. Formal approach to security metrics. What does "more secure" mean for you?. In: MeSSa 2010 - I International Workshop on Measurability of Security in Software Architectures (Copenhagen, Denmark, 23 August 2010). Proceedings, ACM, 2010.
Security metrics are tools for providing correct and up-to-date information about the state of security. This information is essential for managing security efficiently. Although a number of security metrics have been proposed, we still need reliable ways to assess security. First, we do not have a widely accepted and unambiguous definition of what it means for one system to be more secure than another. Without this knowledge we cannot show that a metric really measures security. Second, there is no universal formal model for all metrics that can be used for rigorous analysis. In this paper we investigate how we can define the "more secure" relation and propose our basic formal model for the description and analysis of security metrics.

