Abstract
Decision-making in adaptive security management relies on sufficient and credible security evidence gathered from the system under investigation, expressed and interpreted in the form of metrics. If security measurability is not paid enough attention in advance, the availability and attainability of security evidence is often a major challenge. We propose and analyze practical and systematic security-measurabilityenhancing mechanisms and system architectural design choices that enable and support adaptive and distributed security monitoring of software-intensive systems. The mechanisms are discussed in detail in the context of an adaptive, distributed message-oriented system. Examples of associated security monitoring techniques implemented in this environment are given. The study also discusses the feasibility of the proposed mechanisms. Security-measurability-enhancing mechanisms are crucial to the wider acceptance of security metrics, measurements, and associated tools and methods.
Original language | English |
---|---|
Pages (from-to) | 1-19 |
Number of pages | 19 |
Journal | International Journal on Advances in Systems and Measurements |
Volume | 4 |
Issue number | 1-2 |
Publication status | Published - 2011 |
MoE publication type | A1 Journal article-refereed |
Keywords
- Security monitoring
- security metrics
- adaptive security management
- security measurability
- message-oriented systems