Towards a taxonomy for information security metrics

Research output: Chapter in Book/Report/Conference proceeding; Conference article in proceedings; Scientific; peer-review

34 Citations (Scopus)

Abstract

Systematic approaches to measuring security are needed in order to obtain evidence of the security performance of products or an organization. In this study we survey the emerging security metrics approaches from the academic, governmental and industrial perspectives and aim to bridge the gap between information security management and Information and Communication Technology (ICT) product security practices. If common metrics approaches between different security disciplines can be found, this will advance our holistic understanding and capabilities, both in management and engineering practices.
Original language: English
Title of host publication: Proceedings of the 2007 ACM Workshop on Quality of Protection, QoP’07
Place of Publication: US
Publisher: Association for Computing Machinery ACM
Pages: 28-30
ISBN (Print): 978-1-59593-885-5
DOI: https://doi.org/10.1145/1314257.1314266
Publication status: Published - 2007
MoE publication type: A4 Article in a conference publication
Event: 14th ACM Conference on Computer and Communications Security, CCS07 - Alexandria, Virginia, United States
Duration: 29 Oct 2007 → …

Conference

Conference: 14th ACM Conference on Computer and Communications Security, CCS07
Abbreviated title: CCS07
Country: United States
City: Alexandria, Virginia
Period: 29/10/07 → …

Fingerprint

Taxonomies
Security of data
Communication

Cite this

Savola, R. (2007). Towards a taxonomy for information security metrics. In Proceedings of the 2007 ACM Workshop on Quality of Protection, QoP’07 (pp. 28-30). US: Association for Computing Machinery ACM. https://doi.org/10.1145/1314257.1314266