Towards Security Evaluation based on Evidence Collection
نویسنده
چکیده
Information security evaluation of software-intensive systems typically relies heavily on the experience of the security professionals. Obviously, automated approaches are needed in this field. Unfortunately, there is no practical approach to carrying out security evaluation in a systematic way. Here we introduce a general-level holistic framework for security evaluation based on security behaviour modelling and security evidence collection, and discuss its applicability to the design of security evaluation experimentation setups in real-world systems.
منابع مشابه
Quantitative evaluation of software security: an approach based on UML/SecAM and evidence theory
Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...
متن کاملInvestigating the Effects of Psychological Capital on Evidence-based Clinical Practice of Nurses in Dealing With COVID-19 Patients: The Mediating Role of Psychological Security
Objectives: Given the outbreak of COVID-19 pandemic and its adverse effects on social psychological health, especially nurses, psychological empowerment of nurses can increase their psychological security and improve their clinical performance during critical situations. This study aims to investigate the relationship between nurses’ psychology capital and their clinical performance, with a foc...
متن کاملInformation Security Evaluation based on Requirements, Metrics and Evidence Information
Information security assurance and evaluation of software-intensive systems typically relies heavily on the experience of the security professionals. Obviously, automated approaches are needed in this field. Unfortunately, there is no practical approach to carrying out security evaluation in a systematic way. We introduce an iterative process for security evaluation based on security requiremen...
متن کاملEvaluation of Evidence-Based Nursing Interventions on Fatigue of Hemodialysis Patients in Iran: A Systematic Review
Introduction: Fatigue is one of the most annoying complaints reported in people undergoing hemodialysis. However, the lack of awareness of health care providers about evidence-based interventions in one hand and unavailability of information in a coherent manner on the other hand is an important barrier to taking more effective measures. Therefore, it was decided to investigate evidence-based...
متن کاملUse of Evidence-informed Deliberative Processes by Health Technology Assessment Agencies Around The Globe
Background Evidence-informed deliberative processes (EDPs) were recently introduced to guide health technology assessment (HTA) agencies to improve their processes towards more legitimate decision-making. The EDP framework provides guidance that covers the HTA process, ie, contextual factors, installation of an appraisal committee, selecting health technologies and criteria, assessment, a...
متن کامل