Engineering Commons^™

Information Security System Rating And Ranking, Rayford B. Vaughn Jr., Ambareen Sira, David A. Dampier

Computer Sciences and Electrical Engineering Faculty Research

The term assurance has been used for decades in trusted system development to express the notion of confidence in the strength of a specific system or system of systems. The unsolved problem that security engineers must struggle with is the adoption of measures or metrics that can reliably depict the assurance associated with a specific hardware and software architecture. This article reports on a recent attempt to focus needs in this area and suggests various categories of information assurance metrics that may be helpful to an organization that is deciding which set is useful for a specific application.