On system security metrics and the definition approaches

Proceedings - 2nd Int. Conf. Emerging Security Inf., Systems and Technologies, SECURWARE 2008, Includes DEPEND 2008: 1st Int. Workshop on Dependability and Security in Complex and Critical Inf. Sys.

Volumn , Issue , 2008, Pages 412-419

  Hecker, Artur ^a  

^a TELECOM PARISTECH   (France)

Author keywords

[No Author keywords available]

Indexed keywords

IS SECURITIES; SECURITY METRIC; SYSTEM SECURITIES;

EID: 55849106311     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SECURWARE.2008.37     Document Type: Conference Paper

References (15)

1. Vaughn R., Henning R., Siraj A. "Information Assurance Measures and Metrics: State of Practice and Proposed Taxonomy", in Proceedings of 36th Hawaii International Conference on System Sciences (HICSS-03), 2003.
2. Nabil Seddigh, Peter Pieda, Ashraf Matrawy, Biswajit Nandy, John Lambadaris and Adam Hatfield, "Current Trends and Advances in Information Assurance Metrics", in proceedings of Privacy-Security-Trust, 2004.
3. WISSRR Workshop Proceedings, "Security System Scoring and Ranking", ACSA, May 2001.
4. Scott Evans, Stephen F. Bush, and John Hershey, "Information Assurance through Kolmogorov Complexity", DISCEX-II 2001, June 2001, Anaheim, California.
5. NIST 800-26, Swanson M., "Security Metrics Guide for Information Technology Systems", National Institute of Standards and Technology Special Publication #800-26. Novembre 2001.
6. NIST 800-55, Swanson M., Nadya B., Sabato J., Hash J., Graffo L., "Security Metrics Guide for Information Technology Systems", National Institute of Standards and Technology Special Publication #800-26, 2003.
7. Canadian IAM, Nandy B., Pieda P., Seddigh N., Lambadaris, J., Matrawy A. and Hatfield A., "Information Assurance Metrics, Public Safety and Emergency Preparedness".
8. SSE-CMM, Systems Security Engineering - Capability Maturing Model, http://www.sse-cmm.org/metric/metric.asp
9. Kotenko I., Stepashkin M., "Security metrics for judging the security level of computer networks on the base of attack graph construction", in Russian, original title: "", INSIDE, N°3, 2006.
10. Pratyusa K. Manadhata and Jeannette M. Wing, "An Attack Surface Metric", USENIX Security Workshop on Security Metrics, Vancouver, BC, August 2006.
11. A. Zuccato, B. Marquet, S. Papillon, M. Alden, "Service oriented modeling of communication infrastructure for assurance", IEEE IA Workshop, 2006.
12. P. Mell, K. Scarfone, S. Romanosky, "A Complete Guide to the Common Vulnerability Scoring System Version 2.0", FIRST, http://www.first.org/ cvss/.
13. NIST, "National Vulnerability Database", Version 2.1, http://nvd.nist.gov/.
14. OSVDB, The Open Source Vulnerability Database, http://osvdb.org/.
15. Stephen Bellovin, "On the brittleness of software and the infeasibility of security metrics", IEEE Security and Privacy, 2006.