Increasing measurability and meaningfulness of adaptive security monitoring by system architectural design and mechanisms

Reijo Savola, Petri Heinonen

Research output: Contribution to journalArticleScientificpeer-review

Abstract

Decision-making in adaptive security management relies on sufficient and credible security evidence gathered from the system under investigation, expressed and interpreted in the form of metrics. If security measurability is not paid enough attention in advance, the availability and attainability of security evidence is often a major challenge. We propose and analyze practical and systematic security-measurabilityenhancing mechanisms and system architectural design choices that enable and support adaptive and distributed security monitoring of software-intensive systems. The mechanisms are discussed in detail in the context of an adaptive, distributed message-oriented system. Examples of associated security monitoring techniques implemented in this environment are given. The study also discusses the feasibility of the proposed mechanisms. Security-measurability-enhancing mechanisms are crucial to the wider acceptance of security metrics, measurements, and associated tools and methods.
Original languageEnglish
Pages (from-to)1-19
Number of pages19
JournalInternational Journal on Advances in Systems and Measurements
Volume4
Issue number1-2
Publication statusPublished - 2011
MoE publication typeA1 Journal article-refereed

Fingerprint

Architectural design
Monitoring
Decision making
Availability

Keywords

  • Security monitoring
  • security metrics
  • adaptive security management
  • security measurability
  • message-oriented systems

Cite this

@article{e337537f599042b4ad482cec21ad79e6,
title = "Increasing measurability and meaningfulness of adaptive security monitoring by system architectural design and mechanisms",
abstract = "Decision-making in adaptive security management relies on sufficient and credible security evidence gathered from the system under investigation, expressed and interpreted in the form of metrics. If security measurability is not paid enough attention in advance, the availability and attainability of security evidence is often a major challenge. We propose and analyze practical and systematic security-measurabilityenhancing mechanisms and system architectural design choices that enable and support adaptive and distributed security monitoring of software-intensive systems. The mechanisms are discussed in detail in the context of an adaptive, distributed message-oriented system. Examples of associated security monitoring techniques implemented in this environment are given. The study also discusses the feasibility of the proposed mechanisms. Security-measurability-enhancing mechanisms are crucial to the wider acceptance of security metrics, measurements, and associated tools and methods.",
keywords = "Security monitoring, security metrics, adaptive security management, security measurability, message-oriented systems",
author = "Reijo Savola and Petri Heinonen",
year = "2011",
language = "English",
volume = "4",
pages = "1--19",
journal = "International Journal on Advances in Systems and Measurements",
issn = "1942-261X",
publisher = "International Academy, Research, and Industry Association IARIA",
number = "1-2",

}

Increasing measurability and meaningfulness of adaptive security monitoring by system architectural design and mechanisms. / Savola, Reijo; Heinonen, Petri.

In: International Journal on Advances in Systems and Measurements, Vol. 4, No. 1-2, 2011, p. 1-19.

Research output: Contribution to journalArticleScientificpeer-review

TY - JOUR

T1 - Increasing measurability and meaningfulness of adaptive security monitoring by system architectural design and mechanisms

AU - Savola, Reijo

AU - Heinonen, Petri

PY - 2011

Y1 - 2011

N2 - Decision-making in adaptive security management relies on sufficient and credible security evidence gathered from the system under investigation, expressed and interpreted in the form of metrics. If security measurability is not paid enough attention in advance, the availability and attainability of security evidence is often a major challenge. We propose and analyze practical and systematic security-measurabilityenhancing mechanisms and system architectural design choices that enable and support adaptive and distributed security monitoring of software-intensive systems. The mechanisms are discussed in detail in the context of an adaptive, distributed message-oriented system. Examples of associated security monitoring techniques implemented in this environment are given. The study also discusses the feasibility of the proposed mechanisms. Security-measurability-enhancing mechanisms are crucial to the wider acceptance of security metrics, measurements, and associated tools and methods.

AB - Decision-making in adaptive security management relies on sufficient and credible security evidence gathered from the system under investigation, expressed and interpreted in the form of metrics. If security measurability is not paid enough attention in advance, the availability and attainability of security evidence is often a major challenge. We propose and analyze practical and systematic security-measurabilityenhancing mechanisms and system architectural design choices that enable and support adaptive and distributed security monitoring of software-intensive systems. The mechanisms are discussed in detail in the context of an adaptive, distributed message-oriented system. Examples of associated security monitoring techniques implemented in this environment are given. The study also discusses the feasibility of the proposed mechanisms. Security-measurability-enhancing mechanisms are crucial to the wider acceptance of security metrics, measurements, and associated tools and methods.

KW - Security monitoring

KW - security metrics

KW - adaptive security management

KW - security measurability

KW - message-oriented systems

M3 - Article

VL - 4

SP - 1

EP - 19

JO - International Journal on Advances in Systems and Measurements

JF - International Journal on Advances in Systems and Measurements

SN - 1942-261X

IS - 1-2

ER -