Return to search

Design and implementation of a framework for security metrics creation / Konstruktion och användning av ett ramverk för säkerhetsmetriker

<p>Measuring information security is the key to unlocking the knowledge of how secure information systems really are. In order to perform these measurements, security metrics can be used. Since all systems and organizations are different, there is no single set of metrics that is generally applicable. In order to help organizations create metrics, this thesis will present a metrics creation framework providing a structured way of creating the necessary metrics for any information system. The framework takes a high level information security goal as input, and transforms it to metrics using decomposition of goals that are then inserted into a template. The thesis also presents a set of metrics based on a minimum level of information security produced by the Swedish emergency management agency. This set of metrics can be used to show compliance with the minimum level or as a base when a more extensive metrics program is created.</p>

Identiferoai:union.ndltd.org:UPSALLA/oai:DiVA.org:liu-18217
Date January 2009
CreatorsLundholm, Kristoffer
PublisherLinköping University, Department of Electrical Engineering
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, text

Page generated in 0.002 seconds