Defining and Computing a Valued Based Cyber-Security Measure
Journal Article
·
· Information Systems and e-Business Management
- University of Tunis, Belvedere, Tunisia
- ORNL
- New Jersey Insitute of Technology
In earlier work, we presented a value based measure of cybersecurity that quantifies the security of a system in concrete terms, specifically, in terms of how much each system stakeholder stands to lose (in dollars per hour of operation) as a result of security threats and system vulnerabilities; our metric varies according to the stakes that each stakeholder has in meeting each security requirement. In this paper, we discuss the specification and design of a system that collects, updates, and maintains all the information that pertains to estimating our cybersecurity measure, and offers stakeholders quantitative means to make security-related decisions.
- Research Organization:
- Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- DE-AC05-00OR22725
- OSTI ID:
- 1057509
- Journal Information:
- Information Systems and e-Business Management, Vol. 10, Issue 4; ISSN 1617--9846
- Country of Publication:
- United States
- Language:
- English
Similar Records
Defining and Computing a Valued Based Cyber Security Measure
Defining and Computing a Value Based Cyber-Security Measure
Cryptographic Key Management and Critical Risk Assessment
Journal Article
·
Sat Jan 01 00:00:00 EST 2011
· Information Systems and e-Business Management
·
OSTI ID:1057509
+1 more
Defining and Computing a Value Based Cyber-Security Measure
Conference
·
Sat Jan 01 00:00:00 EST 2011
·
OSTI ID:1057509
+1 more
Cryptographic Key Management and Critical Risk Assessment
Technical Report
·
Thu May 01 00:00:00 EDT 2014
·
OSTI ID:1057509