Formal analysis of security metrics and risk

Krautsevich, Leanid; Martinelli, Fabio; Yautsiukhin, Artsiom

conference paper

oai:pumaoai.isti.cnr.it:cnr.iit/cnr.iit/2011-A2-008

Formal analysis of security metrics and risk

Authors: Leanid Krautsevich
Fabio Martinelli
Artsiom Yautsiukhin
Publication date: 2011
Publisher: Springer Berlin Heidelberg
Doi

Abstract

Security metrics are usually defined informally and, therefore, the rigourous analysis of these metrics is a hard task. This analysis is required to identify the existing relations between the security metrics, which try to quantify the same quality: security. Risk, computed as Annualised Loss Expectancy, is often used in order to give the overall assessment of security as a whole. Risk and security metrics are usually defined separately and the relation between these indicators have not been considered thoroughly. In this work we fill this gap by providing a formal definition of risk and formal analysis of relations between security metrics and risk

Similar works

Full text

PUblication MAnagement

oai:pumaoai.isti.cnr.it:cnr.ii...

Last time updated on 27/05/2016

This paper was published in PUblication MAnagement.

Having an issue?

Is data on this page outdated, violates copyrights or anything else? Report the problem now and we will take corresponding actions after reviewing your request.