Author_Institution :
Univ. of Illinois at Urbana-Champaign, Urbana, IL, USA
Abstract :
It´s long been well understood that you can calculate useful estimations of systems´ reliability against accidental failure. It´s also well understood that trying to calculate systems´ level of security against possibly intelligent, determined, well-funded, and creative adversaries is a far greater challenge. Nevertheless, even a less-than-perfect predictive capacity, if its limitations are respected, is clearly better than none at all. Without promising perfection, such a capacity would offer crucial support to decision making that impacts system security.
Keywords :
decision making; security of data; accidental failure; decision making; predictive capacity; quantitative security metrics; system reliability estimation; system security; unattainable holy grail; Benchmark testing; Computer security; Estimation; Failure analysis; Prediction models; Risk management; computer security; quantitative security metrics; risk management; security metrics; trustworthy computing;
