Using Security Patterns to Combine Security Metrics

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Thomas Heyman Articles by Riccardo Scandariato Articles by Christophe Huygens Articles by Wouter Joosen

2008 Third International Conference on Availability, Reliability and Security

March 04-March 07

ISBN: 978-0-7695-3102-1

	ASCII Text	x
	Thomas Heyman, Riccardo Scandariato, Christophe Huygens, Wouter Joosen, "Using Security Patterns to Combine Security Metrics," Availability, Reliability and Security, International Conference on, pp. 1156-1163, 2008 Third International Conference on Availability, Reliability and Security, 2008.

	BibTex	x
	@article{ 10.1109/ARES.2008.54, author = {Thomas Heyman and Riccardo Scandariato and Christophe Huygens and Wouter Joosen}, title = {Using Security Patterns to Combine Security Metrics}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3102-1}, pages = {1156-1163}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2008.54}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - Using Security Patterns to Combine Security Metrics SN - 978-0-7695-3102-1 SP1156 EP1163 A1 - Thomas Heyman, A1 - Riccardo Scandariato, A1 - Christophe Huygens, A1 - Wouter Joosen, PY - 2008 KW - Security metrics KW - security patterns VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2008.54

Measuring security is an important step in creating and deploying secure applications. In order to efficiently measure the level of security that an application provides, three problems need to be solved: obviously metrics need to be available, a suitable metrics framework needs to be chosen and implemented, and the resulting measurements need to be interpreted. This work focuses on the second and third problem. We propose an approach to facilitate the selection and integration of appropriate security metrics, and to support the aggregation and interpretation of measurements. Our approach associates security metrics to security patterns, and we exploit the relationships between security patterns and security objectives to enable the interpretation of measurements. The approach is illustrated in a case study.

Index Terms:

Security metrics, security patterns

Citation:

Thomas Heyman, Riccardo Scandariato, Christophe Huygens, Wouter Joosen, "Using Security Patterns to Combine Security Metrics," ares, pp.1156-1163, 2008 Third International Conference on Availability, Reliability and Security, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.