Abstract
Measuring the security of organizations is needed to obtain security evidence. We believe that common security identification and quantification related to system’s functionalities can be extended to be used in other systems. Security measurements are common at the business process layer. This paper supports the development of security metrics according to each function of a related system. An elementary metric quantify risk by system’s function. This leads to improve security risk analysis and communication for decision making.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Jansen, W.A.: NIST IR 7564: Directions in security metrics research. National Institute of Standards and Technology, US Department of Commerce, Gaithersburg (2009)
Wang, L., Singhal, A., Jajodia, S.: Toward measuring network security using attack graphs. In: Proceedings of the 2007 ACM Workshop on Quality of Protection, pp. 49–54. ACM (2007)
Final Report of Task Group IST-049, Improving Common Security Risk Analysis (2008)
Chen, Y., He, W.: Security risks and protection in online learning: a survey. Int. Rev. Res. Open Distrib. Learn. 14(5) (2013)
MohdAlwi, N.H., Fan, I.S.: Threats analysis for e-learning. Int. J. Technol. Enhanced Learn. 2(4), 358–371 (2010)
Rjaibi, N., Rabai, L.B.A.: Expansion and practical implementation of the MFC cybersecurity model via a novel security requirements taxonomy. Int. J. Secure Softw. Eng. (IJSSE) 6(4), 32–51 (2015)
Rjaibi, N., Rabai, L.B.A.: Maximizing security management performance and decision with the MFC cyber-security risk management model. EAI Endorsed Trans. e-Learn. 4(15) (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Rjaibi, N., Rabai, L.B.A. (2019). Functional Specification to Support Security Risk Assessment of Large Systems. In: Silhavy, R. (eds) Software Engineering and Algorithms in Intelligent Systems. CSOC2018 2018. Advances in Intelligent Systems and Computing, vol 763. Springer, Cham. https://doi.org/10.1007/978-3-319-91186-1_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-91186-1_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-91185-4
Online ISBN: 978-3-319-91186-1
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)