Home Publications Research Grants Inventions & Patents Awards Additional Research Activities Faculties & Institutions Research Areas

Towards Solving the Data Problem in Measurement of Organisations´ Security

Weiß S, Meyer-Wegener K (2008)

---

Publication Language: English

Publication Type: Conference contribution, Original article

Publication year: 2008

Publisher: GI

Edited Volumes: Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)

Series: Lecture Notes in Informatics

City/Town: Bonn

Book Volume: 128

Pages Range: 461-472

Conference Proceedings Title: Sicherheit 2008: Sicherheit, Schutz und Zuverlässigkeit

Event location: Saarbrücker Schloss

ISBN: 978-3-88579-222-2

URI: http://www6.informatik.uni-erlangen.de/publications/public/2008/sicherheit2008_weis.pdf

Abstract

Awareness of security has risen during the last years. As a result, the question of adequate protection against security risks increased, too. Management wants to decide whether and how to invest in this protection. As a result, quantitative statements about information-security risks are needed. Existing approaches in this domain either rely on guessed data or do not answer the question in a quantitative way. We think that this is due to the fact that no approach separates information that can be provided by a central organization (e.g. known attacks, available controls, and a control's probability of protection) from information which must be provided individually (e.g. the controls installed). We have developed an approach that employs this separation and allows quantitative assessment of security with the help of a model. This model is presented here with a special look at the separation.

Authors with CRIS profile

How to cite

APA:

Weiß, S., & Meyer-Wegener, K. (2008). Towards Solving the Data Problem in Measurement of Organisations´ Security. In Sicherheit 2008: Sicherheit, Schutz und Zuverlässigkeit (pp. 461-472). Saarbrücker Schloss, DE: Bonn: GI.

MLA:

Weiß, Steffen, and Klaus Meyer-Wegener. "Towards Solving the Data Problem in Measurement of Organisations´ Security." Proceedings of the Konferenzband der 4. Jahrestagung, Saarbrücker Schloss Bonn: GI, 2008. 461-472.

BibTeX: Download