ST13: Security Metrics: What can you test?

Zed Abbadi

Metrics and measurements are the cornerstones of any scientific discipline. Security metrics are essential to meeting an organization’s security objectives. Building secure systems and securing computer networks are highly dependent on quantitative measurements that define the target security levels and current, or achievable, security levels. Without good metrics, it is difficult to assert a certain level of security, or compare products or systems that claim specific security features. Various security metrics exist that are widely used by the security community. However, most of them fall short of meeting the scientific definition of a metric. This talk will discuss these metrics, and how they relate to security testing. It will provide an overview of the current status of security metrics and discuss a number of metrics and their virtues and shortcomings.

Last Updated ( Friday, 13 July 2007 )











