Article

Is risk a good security metric?

Author:

O. Sami SaydjariAuthors Info & Claims

QoP '06: Proceedings of the 2nd ACM workshop on Quality of protection

Pages 59 - 60

https://doi.org/10.1145/1179494.1179508

Published: 30 October 2006 Publication History

Get Access

Abstract

Why measuring security? To make good decisions about how to design security countermeasures, to choose between alternative security architectures, and to improve security during design and operations. This panel brings together a number security experts to relate their perspectives on what makes a good security metric, how risk analysis, one of the most widely used metric, stacks up against those criteria and what alternative metrics of security could be considered. The goal of this short introduction is to both start and stimulate the discussion in the panel and let readers get some insight into the sorts of issues that would be discussed by the panel.

Cited By

View all

Lei MZhao LPourzandi MMoghaddam F(2022)A Hybrid Decision-making Approach to Security Metrics Aggregation in Cloud Environments2022 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)10.1109/CloudCom55334.2022.00034(178-185)Online publication date: Dec-2022
https://doi.org/10.1109/CloudCom55334.2022.00034
Francia III G(2021)Vehicle Network Security MetricsAdvances in Cybersecurity Management10.1007/978-3-030-71381-2_4(55-73)Online publication date: 16-Jun-2021
https://doi.org/10.1007/978-3-030-71381-2_4
Francia GEl-Sheikh EChi H(2020)Vehicle Security Learning Tools and Scenarios2020 International Conference on Computational Science and Computational Intelligence (CSCI)10.1109/CSCI51800.2020.00022(88-92)Online publication date: Dec-2020
https://doi.org/10.1109/CSCI51800.2020.00022
Show More Cited By

Index Terms

Is risk a good security metric?
1. Software and its engineering
  1. Software creation and management
    1. Software development techniques
      1. Reusability
        Software product lines
    2. Software verification and validation
      1. Process validation

Recommendations

First International Workshop on Measurability of Security in Software Architectures -- MeSSa 2010
ECSA '10: Proceedings of the Fourth European Conference on Software Architecture: Companion Volume

The growing complexity of service-centric systems has increased the need for pertinent and reliable software security and trusted system solutions. Systematic approaches to measuring security in software architectures are needed in order to obtain ...
Security as a theoretical attribute construct

This paper provides an overview of the field of security metrics and discusses results of a survey of security experts on the topic. It describes a new framework for developing security metrics that focuses on effectiveness measures while maintaining ...
STRAM: Measuring the Trustworthiness of Computer-Based Systems

Various system metrics have been proposed for measuring the quality of computer-based systems, such as dependability and security metrics for estimating their performance and security characteristics. As computer-based systems grow in complexity with ...

Comments

Information & Contributors

Information

Published In

QoP '06: Proceedings of the 2nd ACM workshop on Quality of protection

October 2006

70 pages

ISBN:1595935533

DOI:10.1145/1179494

Program Chairs:
Guenter Karjoth
IBM Research, CH
,
Fabio Massacci
University di Trento, IT

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 October 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS06

Sponsor:

CCS06: 13th ACM Conference on Computer and Communications Security 2006

October 30, 2006

Virginia, Alexandria, USA

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
965
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)1

Reflects downloads up to 04 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Lei MZhao LPourzandi MMoghaddam F(2022)A Hybrid Decision-making Approach to Security Metrics Aggregation in Cloud Environments2022 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)10.1109/CloudCom55334.2022.00034(178-185)Online publication date: Dec-2022
https://doi.org/10.1109/CloudCom55334.2022.00034
Francia III G(2021)Vehicle Network Security MetricsAdvances in Cybersecurity Management10.1007/978-3-030-71381-2_4(55-73)Online publication date: 16-Jun-2021
https://doi.org/10.1007/978-3-030-71381-2_4
Francia GEl-Sheikh EChi H(2020)Vehicle Security Learning Tools and Scenarios2020 International Conference on Computational Science and Computational Intelligence (CSCI)10.1109/CSCI51800.2020.00022(88-92)Online publication date: Dec-2020
https://doi.org/10.1109/CSCI51800.2020.00022
Yee G(2019)Designing Sound Security MetricsInternational Journal of Systems and Software Security and Protection10.4018/IJSSSP.201901010110:1(1-21)Online publication date: 1-Jan-2019
https://dl.acm.org/doi/10.4018/IJSSSP.2019010101
Zanzig JFrancia III GFrancia X(2019)Practical Guidance in Achieving Successful Change Management in Information System EnvironmentsNew Perspectives on Information Systems Modeling and Design10.4018/978-1-5225-7271-8.ch003(41-66)Online publication date: 2019
https://doi.org/10.4018/978-1-5225-7271-8.ch003
Imamverdiyev Y(2016)E-services security assessment model2016 IEEE 10th International Conference on Application of Information and Communication Technologies (AICT)10.1109/ICAICT.2016.7991772(1-4)Online publication date: Oct-2016
https://doi.org/10.1109/ICAICT.2016.7991772
Imamverdiyev YSukhostat L(2016)Anomaly detection in network traffic using extreme learning machine2016 IEEE 10th International Conference on Application of Information and Communication Technologies (AICT)10.1109/ICAICT.2016.7991732(1-4)Online publication date: Oct-2016
https://doi.org/10.1109/ICAICT.2016.7991732
Boehmer W(2015)Do We Need Security Management Systems for Data Privacy?Handbook of Research on Emerging Developments in Data Privacy10.4018/978-1-4666-7381-6.ch013(263-299)Online publication date: 2015
https://doi.org/10.4018/978-1-4666-7381-6.ch013
Antunes NVieira M(2015)On the Metrics for Benchmarking Vulnerability Detection ToolsProceedings of the 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks10.1109/DSN.2015.30(505-516)Online publication date: 22-Jun-2015
https://dl.acm.org/doi/10.1109/DSN.2015.30
Francia III GFrancia X(2014)Critical Infrastructure Protection and Security BenchmarksEncyclopedia of Information Science and Technology, Third Edition10.4018/978-1-4666-5888-2.ch419(4267-4278)Online publication date: 31-Jul-2014
https://doi.org/10.4018/978-1-4666-5888-2.ch419
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

First International Workshop on Measurability of Security in Software Architectures -- MeSSa 2010

Security as a theoretical attribute construct

STRAM: Measuring the Trustworthiness of Computer-Based Systems