%0 Conference Proceedings
%T Using Trust-Based Information Aggregation for Predicting Security Level of Systems
%+ Telenor GBD&R
%+ Valdosta State University
%+ Colorado State University [Fort Collins] (CSU)
%A Houmb, Siv Hilde
%A Chakraborty, Sudip
%A Ray, Indrakshi
%A Ray, Indrajit
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSEC)
%C Rome, Italy
%Y Sara Foresti; Sushil Jajodia
%I Springer
%3 Data and Applications Security and Privacy XXIV
%V LNCS-6166
%P 241-256
%8 2010-06-21
%D 2010
%R 10.1007/978-3-642-13739-6_16
%Z Computer Science [cs]/Digital Libraries [cs.DL]Conference papers
%X Sometimes developers must design innovative security solutions that have a rapid development cycle, short life-time, short time-to-market, and small budget. Security evaluation standards, such as Common Criteria and ISO/IEC 17799, cannot be used due to resource limitations, time-to-market, and other constraints. We propose an alternative time and cost effective approach for predicting the security level of a security solution using information sources who are trusted to varying degrees. We show how to assess the trustworthiness of each information source and demonstrate how to aggregate the information obtained from them. We illustrate our approach by showing the security level prediction for two Denial of Service (DoS) solutions.
%G English
%2 https://inria.hal.science/hal-01056685/document
%2 https://inria.hal.science/hal-01056685/file/_19.pdf
%L hal-01056685
%U https://inria.hal.science/hal-01056685
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-LNCS-6166
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-2010