![]() ![]() ![]() It computes for each system's stakeholders his loss of operation ($/H) while taking account of its respective users, security requirements, system's components and the complete list of security threats. It is a cascade of linear models to quantify security threats in term of loss that results from system's vulnerabilities. The Mean Failure Cost model (MFC) is a recent, strong and structural risk management model. In this paper, the authors intend to answer the question: what taxonomy of security requirements should we use in a security quantification process? It is thus imperative to build a standard, unified and hierarchical taxonomy which incorporates 13 security requirements and then refined in layer into 31 sub-factors referring to the variety of the proposed models based on previous works. Everyone examines some requirements and neglects others. A literature review has shown that there are different models of security requirements. A challenging issue in the context of cyber security is to deal with the orthogonal classification of security requirements. In security risk management practices if we cannot measure, we can neither control nor improve.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |