Skip to main content
Conference ProceedingsOPEN ACCESS

Elaborating quantitative approaches for it security evaluation

IFIP Advances in Information and Communication Technology (2002) 86 67
DOI: 10.1007/978-0-387-35586-3_5
4Citations
Citations of this article
6Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Infonnation Systems security evaluation is a sine qua non requirement for effective IT security management, as well as for establishing trust among different but cooperating business partners. This paper initially provides a critical review of traditionally applied evaluation and certification schemes. Based upon this review, the paper stresses the need for an approach that is quantitative in nature and can address the problem of IS operational security. Then, such an approach is presented, mainly based on an existing complex of models (CEISOQ) for evaluating IS operation quality. It is argued that there are certain benefits if this approach is applied in combination with the traditional qualitative ones.

Author supplied keywords

Cite

CITATION STYLE

APA

Gritzalis, D., Karyda, M., & Gymnopoulos, L. (2002). Elaborating quantitative approaches for it security evaluation. In IFIP Advances in Information and Communication Technology (Vol. 86, p. 67). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-0-387-35586-3_5

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free