Security as a theoretical attribute construct
نویسنده
چکیده
This paper provides an overview of the field of security metrics and discusses results of a survey of security experts on the topic. It describes a new framework for developing security metrics that focuses on effectiveness measures while maintaining measures of correctness. It introduces a view of security as a theoretical concept which encapsulates multiple aspects of a system. Viewing security as a theoretical attribute construct promotes the recognition that multiple characteristics and features of a system are required to make it secure. The view also motivates a sharp focus on system aspects which exhibit a measurable security attribute. The framework is illustrated with a case study. a 2013 Elsevier Ltd. All rights reserved.
منابع مشابه
ویژگیهای روانسنجی مقیاس احساس امنیت تهران (TFSS)
This research is intended to consider the Psychometric characteristics of Feeling Security Scale (TFSS) in Tehran. 3103 Tehrani citizens filled in this form. The Scale validity was checked for its content Validity (referees contingency coefficient) and construct validity (Factor analysis). The results of referee’s contingency coefficient showed that all the obtained coefficients were above 92% ...
متن کاملA combination of semantic and attribute-based access control model for virtual organizations
A Virtual Organization (VO) consists of some real organizations with common interests, which aims to provide inter organizational associations to reach some common goals by sharing their resources with each other. Providing security mechanisms, and especially a suitable access control mechanism, which enforces the defined security policy is a necessary requirement in VOs. Since VO is a complex ...
متن کاملAttribute-Based Encryption with Key Cloning Protection
In this work, we consider the problem of key cloning in attribute-based encryption schemes. We introduce a new type of attribute-based encryption scheme, called token-based attributebased encryption, that provides strong deterrence for key cloning, in the sense that delegation of keys reveals some personal information about the user. We formalize the security requirements for such a scheme in t...
متن کاملAttribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
متن کاملDeniable Attribute Based Encryption for Branching Programs from LWE
Deniable encryption (Canetti et al. CRYPTO ’97) is an intriguing primitive that provides a security guarantee against not only eavesdropping attacks as required by semantic security, but also stronger coercion attacks performed after the fact. The concept of deniability has later demonstrated useful and powerful in many other contexts, such as leakage resilience, adaptive security of protocols,...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Computers & Security
دوره 37 شماره
صفحات -
تاریخ انتشار 2013