Towards a taxonomy for information security metrics

Reijo Savola

    Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

    43 Citations (Scopus)


    Systematic approaches to measuring security are needed in order to obtain evidence of the security performance of products or an organization. In this study we survey the emerging security metrics approaches from the academic, governmental and industrial perspectives and aim to bridge the gap between information security management and Information and Communication Technology (ICT) product security practices. If common metrics approaches between different security disciplines can be found, this will advance our holistic understanding and capabilities, both in management and engineering practices.
    Original language: English
    Title of host publication: Proceedings of the 2007 ACM Workshop on Quality of Protection, QoP’07
    Place of Publication: US
    Publisher: Association for Computing Machinery ACM
    ISBN (Print): 978-1-59593-885-5
    Publication status: Published - 2007
    MoE publication type: A4 Article in a conference publication
    Event: 14th ACM Conference on Computer and Communications Security, CCS07 - Alexandria, Virginia, United States
    Duration: 29 Oct 2007 → …


    Conference: 14th ACM Conference on Computer and Communications Security, CCS07
    Abbreviated title: CCS07
    Country/Territory: United States
    City: Alexandria, Virginia
    Period: 29/10/07 → …

