Directions In Security Metrics Research

Information security metrics are seen as an important factor in making sound decisions about various aspects of security, ranging from the design of security architectures and controls to the effectiveness and efficiency of security operations. Security metrics strive to offer a quantitative and objective basis for security assurance. During the last few decades, researchers have made various attempts to develop measures and systems of measurement for computer security with varying degrees of success. This paper provides an overview of the security metrics area and looks at possible avenues of research that could be pursued to advance the state of the art.

More than 100 years ago, Lord Kelvin insightfully observed that measurement is vital to deep knowledge and understanding in physical science. During the last few decades, researches have made various attempts to develop measures and systems of measurement for computer security with varying degrees of success. This paper provides an overview of the security metrics area and looks at possible avenues of research that could be pursued to advance the state of the art.

The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent advances. It explores practical solutions to many security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors’ respective areas of expertise. The book is organized into 10 parts comprised of 70 contributed chapters by leading experts in the areas of networking and systems security, information management, cyber warfare and security, encryption technology, privacy, data storage, physical security, and a host of advanced security topics. New to this edition are chapters on intrusion detection, securing the cloud, securing web apps, ethical hacking, cyber forensics, physical security, disaster recovery, cyber attack deterrence, and more. Chapters by leaders in the field on theory and practice of computer and information security technology, allowing the reader to develop a new level of technical expertise Comprehensive and up-to-date coverage of security issues allows the reader to remain current and fully informed from multiple viewpoints Presents methods of analysis and problem-solving techniques, enhancing the reader's grasp of the material and ability to implement practical solutions

This book is the tenth in a series presenting research papers arising from MSc/MRes research projects undertaken by students of the School of Computing and Mathematics at Plymouth University. The publications in this volume are based upon research projects that were undertaken during the 2011/12 academic year. A total of 25 papers are presented, covering many aspects of modern networking and communication technology, including security, mobility, coding schemes and quality measurement. The expanded topic coverage compared to earlier volumes in this series reflects the broadening of our range of MSc programmes. Specifically contributing programmes are: Communications Engineering and Signal Processing, Computer and Information Security, Network Systems Engineering, and Robotics.

The second in the Women Securing the Future with TIPPSS series, this book provides insight and expert advice from seventeen women leaders in technology, healthcare and policy to address the challenges of Trust, Identity, Privacy, Protection, Safety and Security (TIPPSS) for connected healthcare, and the growing Internet of Medical Things (IoMT) ecosystem. The ten chapters in this book delve into trust, security and privacy risks in connected healthcare for patients, medical devices, personal and clinical data, healthcare providers and institutions, and provide practical approaches to manage and protect the data, devices, and humans. Cybersecurity, technology and legal experts discuss risks, from data and device hacks to ransomware, and propose approaches to address the challenges including new frameworks for architecting and evaluating medical device and connected hospital cybersecurity. We all need to be aware of the TIPPSS challenges in connected healthcare, and we call upon engineers, device manufacturers, system developers and healthcare providers to ensure trust and manage the risk. Featuring contributions from prominent female experts and role models in technology, cybersecurity, engineering, computer science, data science, business, healthcare, accessibility, research, law, privacy and policy, this book sets the stage to improve security and safety in our increasingly connected world.

With the proliferation of devices connected to the internet and connected to each other, the volume of data collected, stored, and processed is increasing every day, which brings new challenges in terms of information security. As big data expands with the help of public clouds, traditional security solutions tailored to private computing infrastructures and confined to a well-defined security perimeter, such as firewalls and demilitarized zones (DMZs), are no longer effective. New security functions are required to work over the heterogenous composition of diverse hardware, operating systems, and network domains. Security, Privacy, and Forensics Issues in Big Data is an essential research book that examines recent advancements in big data and the impact that these advancements have on information security and privacy measures needed for these networks. Highlighting a range of topics including cryptography, data analytics, and threat detection, this is an excellent reference source for students, software developers and engineers, security analysts, IT consultants, academicians, researchers, and professionals.

Information technology in the workplace is vital to the management of workflow in the company; therefore, IT security is no longer considered a technical issue but a necessity of an entire corporation. The practice of IT security has rapidly expanded to an aspect of Corporate Governance so that the understanding of the risks and prospects of IT security are being properly managed at an executive level. IT Security Governance Innovations: Theory and Research provides extraordinary research which highlights the main contributions and characteristics of existing approaches, standards, best practices, and new trends in IT Security Governance. With theoretical and practical perspectives, the book aims to address IT Security Governance implementation in corporate organizations. This collection of works serves as a reference for CEOs and CIOs, security managers, systems specialists, computer science students, and much more.