skip to main content
10.1145/1314257.1314275acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
Article

Model-based assurance of security controls

Published: 29 October 2007 Publication History

Abstract

We present an innovative way to assess the effectiveness of security controls where measurable aspects of controls are first captured in models and then the models are used to analyze the security data gathered from the IT environment. The aim is to lift the risk and security control assessment lifecycle from a series of people based processes to one where model based technology enhances and automates the process.

Cited By

View all
  • (2022)Better security assessment communicationProceedings of the 3rd International Workshop on Engineering and Cybersecurity of Critical Systems10.1145/3524489.3527304(49-56)Online publication date: 16-May-2022
  • (2011)Security and Compliance in CloudsISSE 2010 Securing Electronic Business Processes10.1007/978-3-8348-9788-6_9(91-100)Online publication date: 2011

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
QoP '07: Proceedings of the 2007 ACM workshop on Quality of protection
October 2007
64 pages
ISBN:9781595938855
DOI:10.1145/1314257
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 29 October 2007

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. assurance
  2. audit
  3. control effectiveness
  4. models
  5. risk

Qualifiers

  • Article

Conference

CCS07
Sponsor:

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)4
  • Downloads (Last 6 weeks)3
Reflects downloads up to 20 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2022)Better security assessment communicationProceedings of the 3rd International Workshop on Engineering and Cybersecurity of Critical Systems10.1145/3524489.3527304(49-56)Online publication date: 16-May-2022
  • (2011)Security and Compliance in CloudsISSE 2010 Securing Electronic Business Processes10.1007/978-3-8348-9788-6_9(91-100)Online publication date: 2011

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media