— Managing security projects is a delicate activity due to the evolution of attacks. In this paper, we develop a new methodology for estimating security effort based on algebraic...
In today’s applications, most users disregard the security functionality. They do not have the knowledge and/or the motivation to configure or to use the existing security func...
Unified and formal knowledge models of the information security domain are fundamental requirements for supporting and enhancing existing risk management approaches. This paper de...
Systematic approaches to measuring security are needed in order to obtain evidence of the security performance of products or an organization. In this study we survey the emerging...