Methodologies and Approaches to Measure Security
Ladda ner
Typ
Examensarbete för masterexamen
Master Thesis
Master Thesis
Program
Computer systems and networks (MPCSN), MSc
Publicerad
2016
Författare
Nyangira, Faustine
T. Ngoma, Marvin
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
Security has today become a topic of cardinal interest in many companies and or- ganisations. To deal with security and its management, it is a good idea to be able to quantify it in order to know how secure a given system is, i.e. to metricate security.Many approaches to security metrication have been suggested, but most of them rely upon experts’ subjective judgement rather than being based on objective mea- sures or scientifically sound methodology. Further, there is a large diversity in the existing metrication methods with respect to approach, objectives, goals and result. This calls for a systematisation and structuring of the field in order to get better knowledge of the benefits and usage of different metrication methods. The goal of this work is to study the methodologies and approaches towards metri- cation activities as suggested by various stakeholders. Specifically, we will look at how each approach develops, selects and implements information level measures for the purpose of showing the effectiveness and efficiency of the security objectives and their related activities. We will then analyse how these measures can be used by an organization for the identification of the adequacy of its implemented processes, policies and procedures. Nevertheless, we will propose a systematized model for measuring security and devising security metrics.
Beskrivning
Ämne/nyckelord
Data- och informationsvetenskap , Computer and Information Science