Aggregation of Security Metrics for Decision Making: A Reference Architecture
Ahmed, Y. and Naqvi, S. and Josephs, Mark (2018) Aggregation of Security Metrics for Decision Making: A Reference Architecture. In: 12th European Conference on Software Architecture: Companion Proceedings (ECSA 18), 24-28 September 2018, Madrid, Spain.
Full text not available from this repository.

Abstract
Existing security technologies play a significant role in protecting enterprise systems but they are no longer enough on their own given the number of successful cyberattacks against businesses and the sophistication of the tactics used by attackers to bypass the security defences. Security measurement is different to security monitoring in the sense that it provides a means to quantify the security of the systems while security monitoring helps in identifying abnormal events and does not measure the actual state of an infrastructure’s security. The goal of enterprise security metrics is to enable understanding of the overall security using measurements to guide decision making. In this paper we present a reference architecture for aggregating the measurement values from the different components of the system in order to enable stakeholders to see the overall security state of their enterprise systems and to assist with decision making. This will provide a newer dimension to security management by shifting from security monitoring to security measurement.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Dates: | 19 July 2018 (Accepted); 30 September 2018 (Published Online) |
| Subjects: | CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science |
| Divisions: | Faculty of Computing, Engineering and the Built Environment > College of Computing |
| Depositing User: | Syed Naqvi |
| Date Deposited: | 13 Aug 2018 14:07 |
| Last Modified: | 22 Mar 2023 12:01 |
| URI: | https://www.open-access.bcu.ac.uk/id/eprint/6235 |