Abstract
This paper presents a model for assessing the security of enterprise systems. It focuses on the structural properties of enterprise systems’ architectures in order to quantify their overall security. The model is built on the well-known three-tier architecture model and aims to identify the ways in which security-critical data values may be transferred between various components of the system’s architecture. This paper extends the three-tier architecture model by adding a fourth layer, which defines a set of low-level security metrics based on systems’ structural characteristics, such as data accessibility, coupling, cohesion and complexity. These metrics are then linked to the relevant components of the three layers in the three-tier architecture model, thereby defining a single security metric for each component. By combining the security metrics of each layer’s components, a single security index is defined that forms the security value of each layer. Finally, the entire system’s security is summarised as a single security value. These metrics allow different architectures of the same system, or different systems with similar functionalities, to be compared for their relative security at a number of different abstraction levels at an early stage of development for any enterprise system.
Cite
Alshammari, B. M. (2014). An Assessment Model for Security-Critical Enterprise Systems. International Journal of Information and Education Technology, 4(4), 323–327. https://doi.org/10.7763/ijiet.2014.v4.422