Quantitative security metrics: Unattainable holy grail or a vital breakthrough within our reach?

Research output: Contribution to journalArticle

Abstract

It's long been well understood that you can calculate useful estimations of systems' reliability against accidental failure. It's also well understood that trying to calculate systems' level of security against possibly intelligent, determined, well-funded, and creative adversaries is a far greater challenge. Nevertheless, even a less-than-perfect predictive capacity, if its limitations are respected, is clearly better than none at all. Without promising perfection, such a capacity would offer crucial support to decision making that impacts system security.

Original languageEnglish (US)
Article number6798561
Pages (from-to)67-69
Number of pages3
JournalIEEE Security and Privacy
Volume12
Issue number2
DOIs
StatePublished - Jan 1 2014

Keywords

  • Computer security
  • Quantitative security metrics
  • Risk management
  • Security metrics
  • Trustworthy computing

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Electrical and Electronic Engineering
  • Law

Fingerprint Dive into the research topics of 'Quantitative security metrics: Unattainable holy grail or a vital breakthrough within our reach?'. Together they form a unique fingerprint.

  • Cite this