Please use this identifier to cite or link to this item: http://hdl.handle.net/10603/91567
Title: Modeling of Security Measurement Metrics in an Information System
Researcher: Mir, Irshad Ahmad
Guide(s): Quadri, S.M.K.
Keywords: Security Evaluation
Security Metrics
Software Reliability Measurement
Software Security
University: University of Kashmir
Completed Date: 
Abstract: Security metrics and measurement is a sub-field of broader information security field. This field newlineis not new but it got very least and sporadic attention as a result of which it is still in its early newlinestages. The measurement and evaluation of security now became a long standing challenge to the newlineresearch community. Much of the focus remained towards devising and the application of new newlineand updated protection mechanisms. Measurements in general act as a driving force in decision making. newlineThe information systems are comprised of various components such as people, hardware, data, newlinenetwork and software. With the fast growing reliance on the software systems, the research newlinereported in this thesis aims to provide a framework using mathematical modeling techniques for newlineevaluation of security of the software systems at the architectural and design phase of the system newlinelifecycle and the derived security metrics on a controlled scale from the proposed framework. newlineThe proposed security evaluation framework is independent of the programing language and the newlineplatform used in developing the system and also is applicable from small desktop application to newlinelarge complex distributed software. The validation process of security metrics is the most newlinechallenging part of the security metrics field. In this thesis we have conducted the exploratory newlineempirical evaluation on a running system to validate the derived security metrics and the newlinemeasurement results. To make the task easy we have transformed the proposed security evaluation into algorithmic form which increased the applicability of the proposed framework newlinewithout requiring any expert security knowledge. The motivation of the research is to provide the software development team with a tool to newlineevaluate the level of security of each of the element of the system and the overall system at the early development stages of the system life cycle. newlineWhat is to be newlinemeasured? where (in the system life cycle) to measure? how to measure? newlineanswered in the thesis
Pagination: NA
URI: http://hdl.handle.net/10603/91567
Appears in Departments:Department of Computer Science

Files in This Item:
File Description SizeFormat 
01_title.pdfAttached File39.94 kBAdobe PDFView/Open
02_declaration.pdf11.87 kBAdobe PDFView/Open
03_abstract.pdf28.84 kBAdobe PDFView/Open
04_acknowledgement.pdf11.47 kBAdobe PDFView/Open
05_contents.pdf19.51 kBAdobe PDFView/Open
06_list_of_tables.pdf132.09 kBAdobe PDFView/Open
07_list_of_figures.pdf145.3 kBAdobe PDFView/Open
08_list_of_algorithms.pdf127.77 kBAdobe PDFView/Open
09_chapter1.pdf346.98 kBAdobe PDFView/Open
10_chapter2.pdf560.03 kBAdobe PDFView/Open
11_chapter3.pdf530.22 kBAdobe PDFView/Open
12_chapter4.pdf2.05 MBAdobe PDFView/Open
13_chapter5.pdf952.49 kBAdobe PDFView/Open
14_conclusion.pdf250.55 kBAdobe PDFView/Open
15_refrences.pdf435.66 kBAdobe PDFView/Open


Items in Shodhganga are protected by copyright, with all rights reserved, unless otherwise indicated.