Uma Proposta para Medição de Complexidade de Segurança em Procedimentos de Tecnologia da Informação

Giovane C. M. MouraLuciano P. Gaspary

IT security has become over the recent years a major concern for organizations. However, it doesn't come without large investments on both the acquisition of tools to satisfy particular security requirements and, in general, complex procedures to deploy and maintain a protected infrastructure. The scientific community has proposed in the recent past models and techniques to estimate the complexity of configuration procedures, aware that they represent a significant operational cost, often dominating total cost of ownership. However, despite the central role played by security within this context, it has not been subject to any investigation so far. To address this issue, we apply a model of configuration complexity proposed in the literature in order to be able to estimate security impact on the complexity of IT procedures. Our proposal has been materialized through a prototypical implementation of a complexity scorer system called Security Complexity Analyzer (SCA), that was used to evaluate real-life security scenarios.

Caso o link acima esteja inválido, faça uma busca pelo texto completo na Web: Buscar na Web

Biblioteca Digital Brasileira de Computação - Contato:
     Mantida por: