AVT Vector: A Quantitative Security Requirements Evaluation Approach Based on Assets, Vulnerabilities and Trustworthiness of Environment

2009 ◽  
Author(s):  
Teng Long ◽  
Lin Liu ◽  
Yijun Yu ◽  
Zhi Jin
Keyword(s):  
Security Requirements ◽  
Evaluation Approach

Formative User-Centered Evaluation of Security Modeling

2012 ◽  
Vol 3 (1) ◽  
pp. 1-19 ◽  
Author(s):  
Sandra Trösterer ◽  
Elke Beck ◽  
Fabiano Dalpiaz ◽  
Elda Paja ◽  
Paolo Giorgini ◽  
...  
Keyword(s):  
Security Requirements ◽  
Modeling Language ◽  
Complex Activity ◽  
Evaluation Approach ◽  
Security Requirements Engineering ◽  
Security Modeling ◽  
Social Organizational ◽  
High Level ◽  
User Centered

Developing a security modeling language is a complex activity. Particularly, it becomes very challenging for Security Requirements Engineering (SRE) languages where social/organizational concepts are used to represent high-level business aspects, while security aspects are typically expressed in a technical jargon at a lower level of abstraction. In order to reduce this socio-technical mismatch and reach a high quality outcome, appropriate evaluation techniques need to be chosen and carried out throughout the development process of the modeling language. In this article, the authors present and discuss the formative user-centered evaluation approach, namely an evaluation technique that starts since the early design stages and actively involves end-users. The authors demonstrate the approach in a real case study presenting the results of the evaluation. From the gained empirical evidence, we may conclude that formative user-centered evaluation is highly recommended to investigate any security modeling language.

The Measurement of Performance in Probabilistic Diagnosis IV. Utility Considerations in Therapeutics and Prognostics

1981 ◽  
Vol 20 (02) ◽  
pp. 80-96 ◽  
Author(s):  
J. D. F. Habbema ◽  
J. Hilden
Keyword(s):  
Decision Theory ◽  
Figure Of Merit ◽  
Acute Abdominal Pain ◽  
Theory Approach ◽  
Expected Loss ◽  
Patient Benefit ◽  
Evaluation Approach ◽  
Average Loss ◽  
Actual Decision ◽  
Probabilistic Diagnosis

It is argued that it is preferable to evaluate probabilistic diagnosis systems in terms of utility (patient benefit) or loss (negative benefit). We have adopted the provisional strategy of scoring performance as if the system were the actual decision-maker (not just an aid to him) and argue that a rational figure of merit is given by the average loss which patients would incur by having the system decide on treatment, the treatment being selected according to the minimum expected loss principle of decision theory.A similar approach is taken to the problem of evaluating probabilistic prognoses, but the fundamental differences between treatment selection skill and prognostic skill and their implications for the assessment of such skills are stressed. The necessary elements of decision theory are explained by means of simple examples mainly taken from the acute abdomen, and the proposed evaluation tools are applied to Acute Abdominal Pain data analysed in our previous papers by other (not decision-theoretic) means. The main difficulty of the decision theory approach, viz. that of obtaining good medical utility values upon which the analysis can be based, receives due attention, and the evaluation approach is extended to cover more realistic situations in which utility or loss values vary from patient to patient.

Cloud Security Requirements

2014 ◽  
Vol 1 (1) ◽  
pp. 1-5
Author(s):  
Poonam Rawat ◽  
◽  
Neha Rawat ◽  
Shikha Singh ◽  
Awantika . ◽  
...  
Keyword(s):  
Cloud Security ◽  
Security Requirements

Bringing Security to The Smallest Embedded Systems

2017 ◽  
Author(s):  
JOSEPH YIU
Keyword(s):  
Internet Of Things ◽  
Embedded Systems ◽  
Low Cost ◽  
Security Requirements ◽  
The Internet ◽  
Security Measures ◽  
Significant Challenge ◽  
Iot Devices

The increasing need for security in microcontrollers Security has long been a significant challenge in microcontroller applications(MCUs). Traditionally, many microcontroller systems did not have strong security measures against remote attacks as most of them are not connected to the Internet, and many microcontrollers are deemed to be cheap and simple. With the growth of IoT (Internet of Things), security in low cost microcontrollers moved toward the spotlight and the security requirements of these IoT devices are now just as critical as high-end systems due to:

Sign in / Sign up

Export Citation Format

Share Document