Security meter: A practical decision-tree model to quantify risk

被引:35
作者
Sahinoglu, M
机构
[1] Computer Science Department, Troy University
来源
IEEE SECURITY & PRIVACY | 2005年 / 3卷 / 03期
关键词
D O I
10.1109/MSP.2005.81
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Security meter, a model that provides a purely quantitative and semiquantitative alternative to frequently used qualitative models, is discussed. The model includes a description of the input and output in a probabilistic decision-tree-diagram, traditionally, risk scenarios involve possible chance based catastrophic failures with scarce modeling of maliciously designed human intervention that threaten inherent system vulnerabilities. Risk management is the total process of identifying, measuring, and minimizing the uncertain events that can affect resources.
引用
收藏
页码:18 / 24
页数:7
相关论文
共 11 条
[1]  
FORNI E, 2002, CERTIFICATION ACCRED
[2]  
FROCHT KA, 1994, COMPUTER SECURITY MA
[3]  
OMNRF, 2020, P IFIP C APPROVING S
[4]   Software security testing [J].
Potter, B ;
McGraw, G .
IEEE SECURITY & PRIVACY, 2004, 2 (05) :81-85
[5]   An empirical Bayesian stopping rule in testing and verification of behavioral models [J].
Sahinoglu, M .
IEEE TRANSACTIONS ON INSTRUMENTATION AND MEASUREMENT, 2003, 52 (05) :1428-1443
[6]   Stochastic Bayes measures to compare forecast accuracy of software-reliability models [J].
Sahinoglu, M ;
Deely, JJ ;
Capar, S .
IEEE TRANSACTIONS ON RELIABILITY, 2001, 50 (01) :92-97
[7]  
SAHINOGLU M, 2003, 1134116 TXU US COP O
[8]  
SAHINOGLU M, 2005, IEEE T INSTRUMENTATI, V54
[9]  
SCHERER SA, 1992, SOFTWARE FAILURE RIS
[10]  
Schneier B, 1995, Applied Cryptography, V2nd
12