Why Measuring Security Is Hard

被引:45
|
作者
Pfleeger, Shari Lawrence [1 ]
Cunningham, Robert K. [2 ]
机构
[1] RAND Corp, Santa Monica, CA 90406 USA
[2] MIT, Lincoln Lab, Cyber Syst & Technol Grp, Cambridge, MA 02139 USA
来源
IEEE SECURITY & PRIVACY | 2010年 / 8卷 / 04期
关键词
measurement; security and privacy;
D O I
10.1109/MSP.2010.60
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
For many years, we've been trying to measure "security" so that we can increase accountability, demonstrate compliance, and determine whether and by how much our investments in products and processes are making our systems more secure. This article investigates why security measurement is difficult and what strategies might help address our needs. © 2006 IEEE.
引用
收藏
页码:46 / 54
页数:9
相关论文
共 50 条
12345