The Method of Implementation of the Numerical IT-Security Metrics in Management Systems

Cited by: 0
Authors
Livshitz, Ilya [1]
Lontsikh, Pavel [2]
Eliseev, Sergey [2]
Affiliations
[1] ITMO Univ, St Petersburg, Russia
[2] Irkutsk Natl Res Tech Univ, Irkutsk, Russia
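Keywords
DOI
Not available
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract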
The relevance of this publication stems from attention to the problem of obtaining reliable measurement results (estimates) of the effectiveness of IT-Security management systems (ISMS). Decision-makers must work with reliable ISMS measurement results based on objective quantitative IT-Security metrics. Known methods for evaluating safety systems are presented without the PDCA cycle requirements and apart from the general requirements that apply directly to the ISMS. A study of the applicable standards (ISO, NIST, and GOST) and of current practice allowed us to propose an approach to the explanation of a technique for forming IT-Security metrics that let us assess the effectiveness of the ISMS numerically. The results can find practical application in the independent efficiency evaluation of the ISMS.
Pages: 242-247
Number of pages: 6
Related papers
50 in total
  • [31] Security Metrics and Risk Analysis for Enterprise Systems
    Singhal, Anoop
    PROCEEDINGS OF THE SIXTH INTERNATIONAL WORKSHOP ON SECURITY AND PRIVACY ANALYTICS (IWSPA'20), 2020, : 1 - 1
  • [32] Security metrics and synthesis of secure control systems
    Murguia, Carlos
    Shames, Iman
    Ruths, Justin
    Nesic, Dragan
    AUTOMATICA, 2020, 115
  • [33] Security metrics for power based SCA resistant hardware implementation
    Park, Jungmin
    Tyagi, Akhilesh
    2016 29TH INTERNATIONAL CONFERENCE ON VLSI DESIGN AND 2016 15TH INTERNATIONAL CONFERENCE ON EMBEDDED SYSTEMS (VLSID), 2016, : 541 - 546
  • [34] The Robust Measurement Method for Security Metrics Generation
    Mazur, Katarzyna
    Ksiezopolski, Bogdan
    Kotulski, Zbigniew
    COMPUTER JOURNAL, 2015, 58 (10): : 2280 - 2296
  • [35] How to Quantify the Security Level of Embedded Systems? A Taxonomy of Security Metrics
    Longueira-Romero, Angel
    Iglesias, Rosa
    Gonzalez, David
    Garitano, Inaki
    2020 IEEE 18TH INTERNATIONAL CONFERENCE ON INDUSTRIAL INFORMATICS (INDIN), VOL 1, 2020, : 153 - 158
  • [36] Integration of IT Frameworks for the Management of Information Security within Industrial Control Systems providing Metrics and Indicators
    Bustamante, Fabian
    Fuertes, Walter
    Diaz, Paul
    Toulkeridis, Theofilos
    PROCEEDINGS OF THE 2017 IEEE XXIV INTERNATIONAL CONFERENCE ON ELECTRONICS, ELECTRICAL ENGINEERING AND COMPUTING (INTERCON), 2017,
  • [37] Security awareness management - Foundations and implementation of security awareness
    vom Brocke, J
    Buddendick, C
    SAM '05: Proceedings of the 2005 International Conference on Security and Management, 2005, : 221 - 227
  • [38] Security management systems
    Computer Bits, Inc., Chicago, IL 60602, United States
    Comput. and Inf. Sec. Handb., 1600, (255-258):
  • [39] Cloud Computing: Implementation, Management and Security
    Fitz-Gerald, Stuart J.
    INTERNATIONAL JOURNAL OF INFORMATION MANAGEMENT, 2010, 30 (05) : 472 - 472
  • [40] IMPLEMENTATION OF INFORMATION SECURITY MANAGEMENT SYSTEM
    Drastich, Martin
    PROCEEDINGS OF THE 10TH INTERNATIONAL SCIENTIFIC CONFERENCE: ECONOMIC POLICY IN THE EUROPEAN UNION MEMBER COUNTRIES: SELECTED PAPERS, 2013, : 49 - 55