科技报告详细信息
Predictive Modelling for Security Operations Economics
Yearworth, Mike ; Monahan, Brian ; Pym, David
HP Development Company
关键词: security;    security operations;    modelling;    simulation;    Demos2K;    service level agreements;   
RP-ID  :  HPL-2006-125
学科分类:计算机科学(综合)
美国|英语
来源: HP Labs
PDF
【 摘 要 】

Information security operations - necessary to protect the confidentiality, integrity, and availability of an organization's information systems against attacks - represent substantial investments in technologies, tools, and human resources. Typically, the relationship between the supplier of an information system and its users is regulated by a Service Level Agreement, and the supplier must determine the appropriate level of investment in operational resources in order to meet its contractual obligations whilst maintaining its economic viability. We contend that investment decisions should be based on analytic models of the behaviour of information systems in the context of the environmental threats they face. We describe a mathematical framework, together with a modelling philosophy, for capturing the structural and dynamical properties of systems and their associated security operations. We describe how a modelling tool (Demos2k) can be used to capture much of our conceptual framework, giving a detailed, experimental example. We show that our models are able to predict the economic consequences of investment decisions for security operations. 23 Pages

【 预 览 】
附件列表
Files Size Format View
RO201804100001473LZ 431KB PDF download
  文献评价指标  
  下载次数:19次 浏览次数:31次