Abstract
Measuring the security of an Information System has become a critical issue in the era of Information Technology. As any other process, security can not be improved, if it can not be measured. The need of security metrics is important for assessing the current security status. Since all systems and organizations are different, there is no single set of metrics that is generally applicable. This paper presents an algorithm to develop the necessary security metrics for assessing the information system in a structured way and a quantitative evaluation model with qualitative decision based on Analytic Hierarchy Process (AHP) to measure the security level of the Information System. At last, a test case is given to illustrate the algorithm and effectiveness of this model.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
