Quality of Protection [electronic resource] : Security Measurements and Metrics / edited by Dieter Gollmann, Fabio Massacci, Artsiom Yautsiukhin.
Contributor(s): Gollmann, Dieter [editor.] | Massacci, Fabio [editor.] | Yautsiukhin, Artsiom [editor.] | SpringerLink (Online service).Material type: BookSeries: Advances in Information Security: 23Publisher: Boston, MA : Springer US, 2006Description: XII, 198 p. 20 illus. online resource.Content type: text Media type: computer Carrier type: online resourceISBN: 9780387365848.Subject(s): Computer science | Microprocessors | Computer communication systems | Software engineering | Data structures (Computer science) | Data encryption (Computer science) | Database management | Computer Science | Data Encryption | Data Structures, Cryptology and Information Theory | Computer Communication Networks | Database Management | Software Engineering/Programming and Operating Systems | Processor ArchitecturesAdditional physical formats: Printed edition:: No titleDDC classification: 005.82 Online resources: Click here to access online
|Item type||Current location||Call number||Status||Date due||Barcode|
|e-Books||Bangalore University Library||Available||BUSP002846|
Motivations -- Why to adopt a security metric? A brief survey -- Service-oriented Assurance — Comprehensive Security by Explicit Assurances -- Measurements: Reliability vs Security -- Software Security Growth Modeling: Examining Vulnerabilities with Reliability Growth Models -- A Discrete Lognormal Model for Software Defects Affecting Quality of Protection -- Time-to-Compromise Model for Cyber Risk Reduction Estimation -- Assessing the risk of using vulnerable components -- Collection and analysis of attack data based on honeypots deployed on the Internet -- Quantitative Security Models -- Multilevel Security and Quality of Protection -- A Conceptual Model for Service Availability -- A SLA evaluation methodology in Service Oriented Architectures -- Towards a Notion of Quantitative Security Analysis -- Metrics for Anonymity and Confidentiality -- The Lower Bound of Attacks on Anonymity Systems — A Unicity Distance Approach -- Intersection Attacks on Web-Mixes: Bringing the Theory into Praxis -- Using Guesswork as a Measure for Confidentiality of Selectively Encrypted Messages -- Measuring Inference Exposure in Outsourced Encrypted Databases.
Information security in the business setting has matured in the last few decades. Standards, such as IS017799, the Common Criteria’s, and a number of industry and academic certifications and risk analysis methodologies, have raised the bar on what is considered good security solution, from a business perspective. Yet, the evaluation of security solutions has largely a qualitative flavor. Notions such as Security Metrics, Quality of Protection (QoP) or Protection Level Agreement (PLA) have only surfaced in the literature. Quality of Protection: Security Measurements and Metrics is an edited volume based on the Quality of Protection Workshop at ESORICS 2005, the flagship European Symposium on Research in Computer Security. This book discusses how security research can progress towards a notion of quality of protection in security, comparable to the notion of quality of service in networking and software measurements and metrics, in empirical software engineering. Quality of Protection: Security Measurements and Metrics is designed for a professional audience, composed of researchers and practitioners in industry. This book is also suitable for graduate-level students in computer science and telecommunications. .