Towards security evaluation based on evidence information collection and impact analysis

Reijo Savola, Juha Röning

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

Abstract

Information security evaluation of software intensive systems typically relies heavily on the experience of the security professionals. Obviously, automated approaches are needed in this field. Unfortunately, there is no practical approach to carrying out security evaluation in a systematic way. We introduce a general-level framework for security evaluation based on security behavior modeling and security evidence collection, and discuss its applicability to the design of security evaluation experimentation set-ups in real-world systems.
Original languageEnglish
Title of host publicationSupplemental Proceedings of the International Conference on Dependable Systems and Networks, DSN 2006
Place of PublicationLos Alamitos, CA
Pages113-118
ISBN (Electronic)0769526071, 9780769526072
Publication statusPublished - 2006
MoE publication typeA4 Article in a conference publication

Fingerprint

Dive into the research topics of 'Towards security evaluation based on evidence information collection and impact analysis'. Together they form a unique fingerprint.

Cite this