Bridging the Gap between Security/Risk and Quality
- Autores
- Olsina Santos, Luis Antonio; Pesotskaya, Elena; Dieser, Alexander; Covella, Guillermo Juan
- Año de publicación
- 2013
- Idioma
- inglés
- Tipo de recurso
- documento de conferencia
- Estado
- versión publicada
- Descripción
- An IT security vulnerability can be considered as an inherent weakness in a target system that could be exploited by a threat source. The underlying hypothesis in our proposal is that each identified attribute associated with the target entity to be controlled should show the highest quality satisfaction level as an elementary indicator. The higher the quality indicator value achieved per each attribute, the lower the vulnerability indicator value and therefore the potential impact from the risk standpoint. In the present work, we discuss the added value of supporting the IT security and risk assessment areas with measurement and evaluation (M&E) methods and strategy, which are based on metrics and indicators. Also we illustrate excerpts of an M&E case study for characteristics and attributes of Security, and their potential risk assessment.
Sociedad Argentina de Informática e Investigación Operativa (SADIO) - Materia
-
Ciencias Informáticas
security vulnerability
quality indicator
Measurements
Evaluation/methodology - Nivel de accesibilidad
- acceso abierto
- Condiciones de uso
- http://creativecommons.org/licenses/by-nd/3.0/
- Repositorio
.jpg)
- Institución
- Universidad Nacional de La Plata
- OAI Identificador
- oai:sedici.unlp.edu.ar:10915/76486
Ver los metadatos del registro completo
| id |
SEDICI_b3703a07fb937a30b4457c4506758a98 |
|---|---|
| oai_identifier_str |
oai:sedici.unlp.edu.ar:10915/76486 |
| network_acronym_str |
SEDICI |
| repository_id_str |
1329 |
| network_name_str |
SEDICI (UNLP) |
| spelling |
Bridging the Gap between Security/Risk and QualityOlsina Santos, Luis AntonioPesotskaya, ElenaDieser, AlexanderCovella, Guillermo JuanCiencias Informáticassecurity vulnerabilityquality indicatorMeasurementsEvaluation/methodologyAn IT security vulnerability can be considered as an inherent weakness in a target system that could be exploited by a threat source. The underlying hypothesis in our proposal is that each identified attribute associated with the target entity to be controlled should show the highest quality satisfaction level as an elementary indicator. The higher the quality indicator value achieved per each attribute, the lower the vulnerability indicator value and therefore the potential impact from the risk standpoint. In the present work, we discuss the added value of supporting the IT security and risk assessment areas with measurement and evaluation (M&E) methods and strategy, which are based on metrics and indicators. Also we illustrate excerpts of an M&E case study for characteristics and attributes of Security, and their potential risk assessment.Sociedad Argentina de Informática e Investigación Operativa (SADIO)2013-09info:eu-repo/semantics/conferenceObjectinfo:eu-repo/semantics/publishedVersionObjeto de conferenciahttp://purl.org/coar/resource_type/c_5794info:ar-repo/semantics/documentoDeConferenciaapplication/pdf168-182http://sedici.unlp.edu.ar/handle/10915/76486enginfo:eu-repo/semantics/altIdentifier/url/http://42jaiio.sadio.org.ar/proceedings/simposios/Trabajos/ASSE/13.pdfinfo:eu-repo/semantics/altIdentifier/issn/1850-2792info:eu-repo/semantics/openAccesshttp://creativecommons.org/licenses/by-nd/3.0/Creative Commons Attribution-NoDerivs 3.0 Unported (CC BY-ND 3.0)reponame:SEDICI (UNLP)instname:Universidad Nacional de La Platainstacron:UNLP2025-11-26T09:51:26Zoai:sedici.unlp.edu.ar:10915/76486Institucionalhttp://sedici.unlp.edu.ar/Universidad públicaNo correspondehttp://sedici.unlp.edu.ar/oai/snrdalira@sedici.unlp.edu.arArgentinaNo correspondeNo correspondeNo correspondeopendoar:13292025-11-26 09:51:26.334SEDICI (UNLP) - Universidad Nacional de La Platafalse |
| dc.title.none.fl_str_mv |
Bridging the Gap between Security/Risk and Quality |
| title |
Bridging the Gap between Security/Risk and Quality |
| spellingShingle |
Bridging the Gap between Security/Risk and Quality Olsina Santos, Luis Antonio Ciencias Informáticas security vulnerability quality indicator Measurements Evaluation/methodology |
| title_short |
Bridging the Gap between Security/Risk and Quality |
| title_full |
Bridging the Gap between Security/Risk and Quality |
| title_fullStr |
Bridging the Gap between Security/Risk and Quality |
| title_full_unstemmed |
Bridging the Gap between Security/Risk and Quality |
| title_sort |
Bridging the Gap between Security/Risk and Quality |
| dc.creator.none.fl_str_mv |
Olsina Santos, Luis Antonio Pesotskaya, Elena Dieser, Alexander Covella, Guillermo Juan |
| author |
Olsina Santos, Luis Antonio |
| author_facet |
Olsina Santos, Luis Antonio Pesotskaya, Elena Dieser, Alexander Covella, Guillermo Juan |
| author_role |
author |
| author2 |
Pesotskaya, Elena Dieser, Alexander Covella, Guillermo Juan |
| author2_role |
author author author |
| dc.subject.none.fl_str_mv |
Ciencias Informáticas security vulnerability quality indicator Measurements Evaluation/methodology |
| topic |
Ciencias Informáticas security vulnerability quality indicator Measurements Evaluation/methodology |
| dc.description.none.fl_txt_mv |
An IT security vulnerability can be considered as an inherent weakness in a target system that could be exploited by a threat source. The underlying hypothesis in our proposal is that each identified attribute associated with the target entity to be controlled should show the highest quality satisfaction level as an elementary indicator. The higher the quality indicator value achieved per each attribute, the lower the vulnerability indicator value and therefore the potential impact from the risk standpoint. In the present work, we discuss the added value of supporting the IT security and risk assessment areas with measurement and evaluation (M&E) methods and strategy, which are based on metrics and indicators. Also we illustrate excerpts of an M&E case study for characteristics and attributes of Security, and their potential risk assessment. Sociedad Argentina de Informática e Investigación Operativa (SADIO) |
| description |
An IT security vulnerability can be considered as an inherent weakness in a target system that could be exploited by a threat source. The underlying hypothesis in our proposal is that each identified attribute associated with the target entity to be controlled should show the highest quality satisfaction level as an elementary indicator. The higher the quality indicator value achieved per each attribute, the lower the vulnerability indicator value and therefore the potential impact from the risk standpoint. In the present work, we discuss the added value of supporting the IT security and risk assessment areas with measurement and evaluation (M&E) methods and strategy, which are based on metrics and indicators. Also we illustrate excerpts of an M&E case study for characteristics and attributes of Security, and their potential risk assessment. |
| publishDate |
2013 |
| dc.date.none.fl_str_mv |
2013-09 |
| dc.type.none.fl_str_mv |
info:eu-repo/semantics/conferenceObject info:eu-repo/semantics/publishedVersion Objeto de conferencia http://purl.org/coar/resource_type/c_5794 info:ar-repo/semantics/documentoDeConferencia |
| format |
conferenceObject |
| status_str |
publishedVersion |
| dc.identifier.none.fl_str_mv |
http://sedici.unlp.edu.ar/handle/10915/76486 |
| url |
http://sedici.unlp.edu.ar/handle/10915/76486 |
| dc.language.none.fl_str_mv |
eng |
| language |
eng |
| dc.relation.none.fl_str_mv |
info:eu-repo/semantics/altIdentifier/url/http://42jaiio.sadio.org.ar/proceedings/simposios/Trabajos/ASSE/13.pdf info:eu-repo/semantics/altIdentifier/issn/1850-2792 |
| dc.rights.none.fl_str_mv |
info:eu-repo/semantics/openAccess http://creativecommons.org/licenses/by-nd/3.0/ Creative Commons Attribution-NoDerivs 3.0 Unported (CC BY-ND 3.0) |
| eu_rights_str_mv |
openAccess |
| rights_invalid_str_mv |
http://creativecommons.org/licenses/by-nd/3.0/ Creative Commons Attribution-NoDerivs 3.0 Unported (CC BY-ND 3.0) |
| dc.format.none.fl_str_mv |
application/pdf 168-182 |
| dc.source.none.fl_str_mv |
reponame:SEDICI (UNLP) instname:Universidad Nacional de La Plata instacron:UNLP |
| reponame_str |
SEDICI (UNLP) |
| collection |
SEDICI (UNLP) |
| instname_str |
Universidad Nacional de La Plata |
| instacron_str |
UNLP |
| institution |
UNLP |
| repository.name.fl_str_mv |
SEDICI (UNLP) - Universidad Nacional de La Plata |
| repository.mail.fl_str_mv |
alira@sedici.unlp.edu.ar |
| _version_ |
1849875950708195328 |
| score |
13.011256 |