A Decision-Theoretic Approach to Measuring Security (Author names omitted for initial submittal)

UNSPECIFIED (2017) A Decision-Theoretic Approach to Measuring Security (Author names omitted for initial submittal). Hawaii International Conference On System Sciences (HICSS).

[img]
Preview
Text
A Decision-Theoretic Approach to Measuring Security.pdf

Download (469kB) | Preview

Abstract

The question “is this system secure?” is notoriously difficult to answer. The question implies that there is a system-wide property called “security,” which we can measure with some meaningful threshold of sufficiency. In this concept paper, we discuss the difficulty of measuring security sufficiency, either directly or through proxy such as the number of known vulnerabilities. We propose that the question can be better addressed by measuring confidence and risk in the decisions that depend on security. A novelty of this approach is that it integrates use of both subjective information (e.g. expert judgment) and empirical data. We investigate how this approach uses well-known methods from the discipline of decision-making under uncertainty to provide a more rigorous and useable measure of security sufficiency.

Item Type: Article
Subjects: T Technology > T Technology (General)
Z Bibliography. Library Science. Information Resources > ZA Information resources
Divisions: Faculty of Industrial Engineering and Informatics > Information System
Depositing User: staff repository 3
Date Deposited: 02 Aug 2018 17:58
Last Modified: 02 Aug 2018 17:58
URI: http://repository.ittelkom-pwt.ac.id/id/eprint/1923

Actions (login required)

View Item View Item