Increasing measurability and meaningfulness of adaptive security monitoring by system architectural design and mechanisms

Reijo Savola, Petri Heinonen

    Research output: Contribution to journalArticleScientificpeer-review

    Abstract

    Decision-making in adaptive security management relies on sufficient and credible security evidence gathered from the system under investigation, expressed and interpreted in the form of metrics. If security measurability is not paid enough attention in advance, the availability and attainability of security evidence is often a major challenge. We propose and analyze practical and systematic security-measurabilityenhancing mechanisms and system architectural design choices that enable and support adaptive and distributed security monitoring of software-intensive systems. The mechanisms are discussed in detail in the context of an adaptive, distributed message-oriented system. Examples of associated security monitoring techniques implemented in this environment are given. The study also discusses the feasibility of the proposed mechanisms. Security-measurability-enhancing mechanisms are crucial to the wider acceptance of security metrics, measurements, and associated tools and methods.
    Original languageEnglish
    Pages (from-to)1-19
    Number of pages19
    JournalInternational Journal on Advances in Systems and Measurements
    Volume4
    Issue number1-2
    Publication statusPublished - 2011
    MoE publication typeA1 Journal article-refereed

    Fingerprint

    Architectural design
    Monitoring
    Decision making
    Availability

    Keywords

    • Security monitoring
    • security metrics
    • adaptive security management
    • security measurability
    • message-oriented systems

    Cite this

    @article{e337537f599042b4ad482cec21ad79e6,
    title = "Increasing measurability and meaningfulness of adaptive security monitoring by system architectural design and mechanisms",
    abstract = "Decision-making in adaptive security management relies on sufficient and credible security evidence gathered from the system under investigation, expressed and interpreted in the form of metrics. If security measurability is not paid enough attention in advance, the availability and attainability of security evidence is often a major challenge. We propose and analyze practical and systematic security-measurabilityenhancing mechanisms and system architectural design choices that enable and support adaptive and distributed security monitoring of software-intensive systems. The mechanisms are discussed in detail in the context of an adaptive, distributed message-oriented system. Examples of associated security monitoring techniques implemented in this environment are given. The study also discusses the feasibility of the proposed mechanisms. Security-measurability-enhancing mechanisms are crucial to the wider acceptance of security metrics, measurements, and associated tools and methods.",
    keywords = "Security monitoring, security metrics, adaptive security management, security measurability, message-oriented systems",
    author = "Reijo Savola and Petri Heinonen",
    year = "2011",
    language = "English",
    volume = "4",
    pages = "1--19",
    journal = "International Journal on Advances in Systems and Measurements",
    issn = "1942-261X",
    publisher = "International Academy, Research, and Industry Association IARIA",
    number = "1-2",

    }

    Increasing measurability and meaningfulness of adaptive security monitoring by system architectural design and mechanisms. / Savola, Reijo; Heinonen, Petri.

    In: International Journal on Advances in Systems and Measurements, Vol. 4, No. 1-2, 2011, p. 1-19.

    Research output: Contribution to journalArticleScientificpeer-review

    TY - JOUR

    T1 - Increasing measurability and meaningfulness of adaptive security monitoring by system architectural design and mechanisms

    AU - Savola, Reijo

    AU - Heinonen, Petri

    PY - 2011

    Y1 - 2011

    N2 - Decision-making in adaptive security management relies on sufficient and credible security evidence gathered from the system under investigation, expressed and interpreted in the form of metrics. If security measurability is not paid enough attention in advance, the availability and attainability of security evidence is often a major challenge. We propose and analyze practical and systematic security-measurabilityenhancing mechanisms and system architectural design choices that enable and support adaptive and distributed security monitoring of software-intensive systems. The mechanisms are discussed in detail in the context of an adaptive, distributed message-oriented system. Examples of associated security monitoring techniques implemented in this environment are given. The study also discusses the feasibility of the proposed mechanisms. Security-measurability-enhancing mechanisms are crucial to the wider acceptance of security metrics, measurements, and associated tools and methods.

    AB - Decision-making in adaptive security management relies on sufficient and credible security evidence gathered from the system under investigation, expressed and interpreted in the form of metrics. If security measurability is not paid enough attention in advance, the availability and attainability of security evidence is often a major challenge. We propose and analyze practical and systematic security-measurabilityenhancing mechanisms and system architectural design choices that enable and support adaptive and distributed security monitoring of software-intensive systems. The mechanisms are discussed in detail in the context of an adaptive, distributed message-oriented system. Examples of associated security monitoring techniques implemented in this environment are given. The study also discusses the feasibility of the proposed mechanisms. Security-measurability-enhancing mechanisms are crucial to the wider acceptance of security metrics, measurements, and associated tools and methods.

    KW - Security monitoring

    KW - security metrics

    KW - adaptive security management

    KW - security measurability

    KW - message-oriented systems

    M3 - Article

    VL - 4

    SP - 1

    EP - 19

    JO - International Journal on Advances in Systems and Measurements

    JF - International Journal on Advances in Systems and Measurements

    SN - 1942-261X

    IS - 1-2

    ER -