Quantitatively Differentiating System Security
Author
Abstract
Security is not considered a priority by developers of shrink-wrap systems because without a means to accurately and understandably measure it, security fails to provide a competitive advantage. I assert that the cost to break into a system is an effective metric, that this metric can be measured from the start of testing until product retirement, and that using this metric to differentiate products will provide developers with the competitive advantage needed to lead the industry to more secure systems.
Similar resources
Presenting a Model for Using Mobile Agents in Distributed Intrusion Detection Systems Based on Game Theory
The proposed framework applies two game theoretic models for economic deployment of intrusion detection system (IDS). The first scheme models and analyzes the interaction behaviors between an attacker and intrusion detection agent within a non-cooperative game, and then the security risk value is derived from the mixed strategy Nash equilibrium. The second scheme uses the security risk value...
Cooperating Security Management for Mutually Trusted Secure Networks
A network system could be better protected by physically dividing it into administrative management groups according to different access rights. However, to effectively manage a network system, security information sharing is necessary. Since a system could suffer from the same security threats as another system, how to share the security information to prevent a system from the same security f...
Analysing Information Systems Security
The paper describes problems with managing information systems security, due to its complexity and broad scope. Then, a security taxonomy is presented and discussed. The taxonomy is used in conjunction with different approaches to information security analysis, including the evaluation of different cost-benefit criteria. The paper also uses the terms proactive and reactive analysis as a way of ...
Keeping An Educational Network Healthy: Differentiating Malicious And Naive Students On An Educational Network Environment
Many information security officers or network system administrators at universities and colleges face the problem of not knowing when students are utilizing the campus network in ways that can affect the image of the university or even cause monetary losses. Improper use of the network could either be willful and maliciously done or perhaps just naïve students unaware of viruses on their comput...
NetHost-sensor: Monitoring a target host's application via system calls
Intrusion detection has emerged as an important approach to network, host and application security. Network security includes analysing network packet payload and other inert network packet profiles for intrusive trends; whereas, host security may employ system logs for intrusion detection. In this paper, we contribute to the research community by tackling application security and attempt to de...