Abstract

Security assessment is a central ability in the striving for adequate levels of IT security in information systems and networks. In this paper, the issue of system-wide IT security assessment is addressed. The results include a framework for IT security assessment addressing the need to include the influence of system structure in assessments. The purpose of the framework is twofold, to support the development of system security assessment methods and to enable the categorization of existing methods. Moreover, as an example of a possible approach to system security assessment, the CAESAR method is presented. CAESAR enables the calculation of scalar overall system security values as well as system-dependent security values for technical system entities.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.