HPL-2008-7 Model-Based Assurance of Security Controls - Beres, Yolanta; Baldwin, Adrian; Shiu, Simon
Keyword(s): compliance, assurance, security, audit, metrics
Abstract: The paper presents an innovative way to assess the effectiveness of security controls where measurable aspects of controls are first captured in the models and then the models are used to analyse the security data gathered from the IT environment. The aim is to lift the risk and security control man ...
Full Report