An approach to quantitatively measure Information security
نویسندگان
چکیده
Measuring information security has traditionally been daunting task due to the lack of proper tools. Even more, organizations are concerned about suffering security breaches but, most of the time, justifying security investment is a tough task in the absence of a tangible measurement. In this paper, we propose an approach to quantitatively measure different aspects of information security. The proposal leverages different aspects of risk management, software assurance, audit and control to provide a flexible, easilyupdated, goal-oriented and risk-based information security measurement. We hope that this work is helpful to evaluate the effectiveness of countermeasures and perform benchmark against industry standards and regulations. C.4 [Performance Of Systems]: Measurement techniques General Terms : Security.
منابع مشابه
A New Method for Intrusion Detection Using Genetic Algorithm and Neural network
Abstract— In order to provide complete security in a computer system and to prevent intrusion, intrusion detection systems (IDS) are required to detect if an attacker crosses the firewall, antivirus, and other security devices. Data and options to deal with it. In this paper, we are trying to provide a model for combining types of attacks on public data using combined methods of genetic algorit...
متن کاملRanking of fuzzy numbers based on angle measure
In this paper, a novel approach for ranking fuzzy numbers based on the angle measure is introduced. Several left and right spreads at each chosen levels of fuzzy numbers is used to determine center of mass points(CMPs) and then, the angels between the CMPs and the horizontal axis is calculated. The total angle is determined by averaging the computed angles and finally, the novel method is compa...
متن کاملProposing an effective approach for Network security and multimedia documents classically using encryption and watermarking
Local binary pattern (LBP) operators, which measure the local contrast within a pixel's neighborhood, successfully applied to texture analysis, visual inspection, and image retrieval. In this paper, we recommend a semi blind and informed watermarking approach. The watermark has been built from the original image using Weber Law. The approach aims is to present a high robustness and imperceptibi...
متن کاملQuantitative evaluation of software security: an approach based on UML/SecAM and evidence theory
Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...
متن کاملCritical Success Factors in implementing information security governance (Case study: Iranian Central Oil Fields Company)
The oil industry, as one of the main industries of the country, has always faced cyber attacks and security threats. Therefore, the integration of information security in corporate governance is essential and a governance challenge. The integration of information security and corporate governance is called information security governance. In this research, we identified "critical success factor...
متن کامل