Title :
Alternative Security Metrics
Author :
Bayuk, Jennifer L.
Author_Institution :
Stevens Inst. of Technol., Hoboken, NJ, USA
Abstract :
Today´s security metrics support management practices rather than measure system capability to withstand attacks. This eliminates consideration of security features that are not currently used to manage systems as the basis for security metrics. Rather than judge security metrics by a utility standard with respect to current security management practices, they should instead be appreciated for proposing alternatives ways to identify security attributes that may or may not be of use in designing new security management practices. System capabilities such as adaptation to threat, proactive deterrence, and resilience to attack require system capabilities that may be measured using engineering methods for verification and validation of system function.
Keywords :
security of data; security management practices; security metrics; Face; Information security; Measurement; Software; Standards organizations; computer security; data security; metrics; systems engineering;
Conference_Titel :
Information Technology: New Generations (ITNG), 2011 Eighth International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-61284-427-5
Electronic_ISBN :
978-0-7695-4367-3
DOI :
10.1109/ITNG.2011.162
