Managing Complex IT Security Processes with Value Based Measures

Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

Title: Managing Complex IT Security Processes with Value Based Measures

Conference · Thu Jan 01 00:00:00 EST 2009

OSTI ID:962158

Abercrombie, Robert K ^[1]; Sheldon, Frederick T ^[1]; Mili, Ali ^[2]

ORNL
New Jersey Insitute of Technology

Current trends indicate that IT security measures will need to greatly expand to counter the ever increasingly sophisticated, well-funded and/or economically motivated threat space. Traditional risk management approaches provide an effective method for guiding courses of action for assessment, and mitigation investments. However, such approaches no matter how popular demand very detailed knowledge about the IT security domain and the enterprise/cyber architectural context. Typically, the critical nature and/or high stakes require careful consideration and adaptation of a balanced approach that provides reliable and consistent methods for rating vulnerabilities. As reported in earlier works, the Cyberspace Security Econometrics System provides a comprehensive measure of reliability, security and safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. This paper advocates a dependability measure that acknowledges the aggregate structure of complex system specifications, and accounts for variations by stakeholder, by specification components, and by verification and validation impact.

OSTI does not have a digital full text copy available. For more information, please see document availability, search WorldCat, or search Google Scholar.

Cite

Export

Save

Research Organization:: Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States). National Center for Computational Sciences (NCCS)

Sponsoring Organization:: Work for Others (WFO)

DOE Contract Number:: DE-AC05-00OR22725

OSTI ID:: 962158

Resource Relation:: Conference: 2009 IEEE Symposium on Computational Intelligence in Cyber Security (IEEE CICS 2009), Nashville, TN, USA, 20090330, 20090402

Country of Publication:: United States

Language:: English

Similar Records

Synopsis of Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission Value

Conference · Mon Dec 01 00:00:00 EST 2008 · OSTI ID:962158

Abercrombie, Robert K.; Sheldon, Frederick T.; Mili, Ali

Cyberspace Security Econometrics System (CSES) - U.S. Copyright TXu 1-901-039

Book · Wed Jan 01 00:00:00 EST 2014 · OSTI ID:962158

Abercrombie, Robert K; Schlicher, Bob G; Sheldon, Frederick T; +2 more

Methodology for Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission

Conference · Thu Jan 01 00:00:00 EST 2009 · OSTI ID:962158

Sheldon, Frederick T; Abercrombie, Robert K; Mili, Ali

Related Subjects

97 MATHEMATICS AND COMPUTING
99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE
COMPUTER NETWORKS
INFORMATION SYSTEMS
SECURITY
CRYPTOGRAPHY
RELIABILITY
VALIDATION
VERIFICATION
Cyberspace Security Econometrics System
Complex IT security process
Enterprise-cyber econometrics
Ffinancial data processing
Investment
Risk management
Security of data
Methodology
Cyber Security Performance Indicators
Stakeholder Mission

Title: Managing Complex IT Security Processes with Value Based Measures

Citation Formats

Similar Records

Related Subjects