Valuation and reporting of security assurance at operational systems level

Security Assurance is commonly defined as the ground for confidence on the security mechanisms to meet their objectives. Current approaches to evaluating Security Assurance have mainly focused on the software development stage or at the end product software. The few attempts to address Security Assurance at runtime assume a system security model to be static.
However most often, it is after the deployment or implementation phase that a system's security may be violated. A cause of security breach that has often been overlooked is the improper deployment/ implementation of the security mechanisms or, generally speaking, their incorrect posture at a given time. Such a security lax may create a false sense of security and lead to negative impacts on the stakeholders.
The motivation behind this work stems from the challenges relating: what Security Assurance is and; how it may be appraised and reported for a better understanding of an operational system's security posture. The novelty of this work lies in the provision of the metrics and a
methodology that could help address such a challenge. Hence, this thesis provides a contribution towards the improvement of the Security Assurance information required for the understanding of the security situation from a security practitioner perspective, taking into account: the quality of the verification process or software probe used for the verification; the reported correctness status of a security mechanism at a given time; and the estimated effectiveness level for a security mechanism, in case such information is available. Guidance on what tasks may or may
not be performed given the security posture of a security mechanism is provided for those users without much understanding of security and is based on the security criticality of the context in which the system operates. The aforementioned metrics are subsequently integrated in an overall methodology which helps compute the Security Assurance level of a component or service through aggregation techniques. Another important feature of the methodology is that it allows the security practitioner to adapt the security model or the metrics in case of newly emerged vulnerabilities. Evaluation of this contribution is described through use of theoretical criteria, tool implementation and application to a case study. Furthermore, Information security professionals have reviewed and evaluated the metrics and methodology proposed by this thesis and provided opinions on their applicability.

This thesis supplied via ROAR to UEL-registered users is protected by copyright and other intellectual property rights, and duplication of any part of the material is not permitted, except for your personal use for the purposes of non-commercial research and private study in electronic or print form. You must obtain permission from the copyright-holder for any other use. Electronic or print copies may not be offered, for sale or otherwise, to anyone. No quotation from the thesis may be published without proper acknowledgement.