Abstract
The lack of appropriate information security solutions in
software-intensive systems can have serious consequences for businesses and
the stakeholders. Carefully designed security metrics can be used to offer
evidence of the security behavior of the system under development or
operation. This study investigates holistic development of security metrics
for a distributed messaging system based on threat analysis, security
requirements, decomposition and use case information. Our approach is thus
requirement-centric. The high-level security requirements are expressed in
terms of lower-level measurable components applying a decomposition approach.
Original language | English |
---|---|
Title of host publication | Proceedings of the 3rd International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2009 |
Place of Publication | Piscataway, NJ |
Publisher | IEEE Institute of Electrical and Electronic Engineers |
Pages | 121-128 |
ISBN (Print) | 978-0-7695-3668-2 |
DOIs | |
Publication status | Published - 2009 |
MoE publication type | A4 Article in a conference publication |
Event | 3rd International Conference on Emerging Security Information, Systems, and Technologies, SECURWARE '09 - Athens, Greece Duration: 18 Jun 2009 → 23 Jun 2009 |
Conference
Conference | 3rd International Conference on Emerging Security Information, Systems, and Technologies, SECURWARE '09 |
---|---|
Abbreviated title | SECURWARE '09 |
Country/Territory | Greece |
City | Athens |
Period | 18/06/09 → 23/06/09 |