Quality-of-Protection (QoP): A Quantitative Methodology to Grade Security Services

Author

Sun, Yan ; Kumar, Anup

Author_Institution

CECS Dept., Univ. of Louisville, Louisville, KY

fYear

2008

fDate

17-20 June 2008

Firstpage

394

Lastpage

399

Abstract

A tree based quality of protection (QoP) evaluation method for cyber system is presented. The elements of a security system structure are represented as normalized weighted tree. We show that our weighted tree representation of security system structure is informative and useful. Based on this unique representation QoP evaluation methodology is introduced and the foundations of QoP modeling and evaluation are established. The important steps in the evaluation process are the introduction of normalized weighted tree which establishes the hierarchy of the requirements of a secure system and the formulation of the normalized weighted tree. This is used to compute the QoP in a quantitative manner. We demonstrate through several examples, how the proposed methodology can assess QoP from a holistic view.

Keywords

security of data; trees (mathematics); cyber system security; grade security service; normalized weighted tree; security system structure; tree based quality-of-protection quantitative evaluation method; Computer science; Computer security; Distributed computing; Fluid flow measurement; Information security; Measurement standards; Protection; Quality of service; Risk analysis; Sun;

fLanguage

English

Publisher

ieee

Conference_Titel

Distributed Computing Systems Workshops, 2008. ICDCS '08. 28th International Conference on

Conference_Location

Beijing

ISSN

1545-0678

Print_ISBN

978-0-7695-3173-1

Electronic_ISBN

1545-0678

Type

conf

DOI

10.1109/ICDCS.Workshops.2008.73

Filename

4577816