Show simple item record

dc.contributor.authorWen, Shao-Fang
dc.contributor.authorShukla, Ankur
dc.contributor.authorKatt, Basel
dc.date.accessioned2023-01-09T11:44:49Z
dc.date.available2023-01-09T11:44:49Z
dc.date.created2022-08-16T08:49:53Z
dc.date.issued2022
dc.identifier.citationJournal of Cybersecurity and Privacy (JCP). 2022, 2 (3), 587-605.en_US
dc.identifier.issn2624-800X
dc.identifier.urihttps://hdl.handle.net/11250/3041939
dc.description.abstractSecurity assurance (SA) is a technique that helps organizations to appraise the trust and confidence that a system can be operated correctly and securely. To foster effective SA, there must be systematic techniques to reflect the fact that the system meets its security requirements and, at the same time, is resilient against security vulnerabilities and failures. Quantitative SA evaluation applies computational and mathematical techniques for deriving a set of SA metrics to express the assurance level that a system reaches. Such metrics are intended to quantify the strength and weaknesses of the system that can be used to support improved decision making and strategic planning initiatives. Utilizing metrics to capture and evaluate a system’s security posture has gained attention in recent years. However, scarce work has described how to combine SA evaluation while taking into account both SA metrics modeling and analysis. This paper aims to develop a novel approach for the modeling, calculation, and analysis of SA metrics that could ultimately enhance quantitative SA evaluation.en_US
dc.language.isoengen_US
dc.publisherMDPIen_US
dc.rightsNavngivelse 4.0 Internasjonal*
dc.rights.urihttp://creativecommons.org/licenses/by/4.0/deed.no*
dc.subjectsecurity assurance; quantitative approach; security metrics; analyticsen_US
dc.titleDeveloping Security Assurance Metrics to Support Quantitative Security Assurance Evaluationen_US
dc.title.alternativeDeveloping Security Assurance Metrics to Support Quantitative Security Assurance Evaluationen_US
dc.typeJournal articleen_US
dc.typePeer revieweden_US
dc.description.versionpublishedVersionen_US
dc.source.pagenumber587-605en_US
dc.source.volume2en_US
dc.source.journalJournal of Cybersecurity and Privacy (JCP)en_US
dc.source.issue3en_US
dc.identifier.doi10.3390/jcp2030030
dc.identifier.cristin2043257
cristin.ispublishedtrue
cristin.fulltextoriginal
cristin.qualitycode1


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record

Navngivelse 4.0 Internasjonal
Except where otherwise noted, this item's license is described as Navngivelse 4.0 Internasjonal