Paper Info
Title
Towards an abstraction layer for security assurance measurements: (invited paper)
Abstract
Measurement of any complex, operational system is challenging due to the continuous independent evolution of the components. Security risks introduce another dimension of dynamicity, reflected to risk management and security assurance activities. The availability of different measurements and their properties will vary during the overall system lifecycle. To be useful, a measurement framework in this context needs to be able to adapt to both the changes in the target of measurement and in the available measurement infrastructure. In this study, we introduce a taxonomy-based approach for relating the available and attainable measurements to the measurement requirements of security assurance plans by providing an Abstraction Layer that makes it easier to manage these dynamic features. The introduced approach is investigated in terms of a security assurance case example of firewall functionality in a Push E-mail service system.
Year
DOI
Venue
2010
10.1145/1842752.1842791
ECSA Companion Volume
Keywords
Field
DocType
abstraction layer,push e-mail service system,security assurance plan,security assurance activity,attainable measurement,security assurance case example,measurement requirement,available measurement infrastructure,security risk,security assurance measurement,measurement framework,different measurement,risk management,service system,taxonomy,abstraction,measurement,operating system
Abstraction,Systems engineering,Firewall (construction),Software security assurance,Computer science,Service system,Operational system,Risk management,System lifecycle,Abstraction layer
Conference
Citations 
PageRank 
References 
6
0.57
12
Authors
11
Name
Order
Citations
PageRank
Teemu Kanstrén13610.59
Reijo Savola231835.00
Antti Evesti310211.02
Heimo Pentikäinen4111.47
Artur Hecker5668.58
Moussa Ouedraogo6698.71
Kimmo Hätönen7398.38
Perttu Halonen8323.14
Christophe Blad960.57
Oscar López10304.27
Saioa Ros1160.57