Current trends and advances in IT service infrastructures security assurance evaluation

Conference paper

Ouedraogo, Moussa, Mouratidis, Haralambos, Khadraoui, Djamel, Dubois, Eric and Palmer-Brown, Dominic 2009. Current trends and advances in IT service infrastructures security assurance evaluation. Proceedings of Advances in Computing and Technology. (AC&T) The School of Computing and Technology 4th Annual Conference University of East London pp. 132-141
AuthorsOuedraogo, Moussa, Mouratidis, Haralambos, Khadraoui, Djamel, Dubois, Eric and Palmer-Brown, Dominic
TypeConference paper
Abstract

The term security assurance has been used in the computer science literature to express the
confidence that one has in the strength of the security measures. The need for a methodology to
measure current security assurance levels of a system has been reported in the literature as vital in
order to maintain and improve the overall security. However, a scrutiny of the literature reveals that in
the area of IT security assurance, a large number of research questions still remain without an answer.
Although a number of works have been presented in recent years, especially with respect to assurance
metrics development, little effort has been made in developing a robust operational methodology for
the evaluation of IT service infrastructures security assurance. This paper captures the current status
of research efforts made in the field of security assurance evaluation. It collects previous and current
academic, normalization and commercial work on security assurance, and establishes a
comprehensive state of the art in the domain. In addition, the paper outlines the general features of an
ongoing work aiming at the development of a security assurance evaluation framework that takes into
account the evolving and ubiquitous IT infrastructures. The novelty of this ongoing work lies not only
on the adaptability of the security assurance evaluation system to the evolving infrastructure model
but also on the use of a “bottomup”
approach in evaluating the security assurance level of a service
using aggregation techniques. The methodology is intended to assist network managers in addressing
more promptly security failures within the infrastructure as well as to increase the trust of end users in
using IT systems.

Keywordssecurity assurance; IT infrastructures; computer hacking; methodology
Year2009
ConferenceProceedings of Advances in Computing and Technology
Publisher's version
License
CC BY-ND
Publication dates
Print2009
Publication process dates
Deposited28 Jul 2010
Web address (URL)http://www.uel.ac.uk/act/proceedings/documents/FinalProceedings.pdf
http://hdl.handle.net/10552/916
Additional information

Citation:
Ouedraogo, M. et al. (2009) ‘Current trends and advances in IT service infrastructures security assurance evaluation’ Proceedings of Advances in Computing and Technology, (AC&T) The School of Computing and Technology 4th Annual Conference, University of East London, pp.132-141.

Place of publicationUniversity of East London
Page range132-141
Permalink -

https://repository.uel.ac.uk/item/8646y

Log in to edit

Download files

Publisher's version
Ouedraogo, M. (2009) AC&T 132.pdf
License: CC BY-ND

  • 87
    total views
  • 54
    total downloads
  • 0
    views this month
  • 0
    downloads this month

Export as