Title: A BASIC SECURITY REQUIREMENTS TAXONOMY TO QUANTIFY SECURITY THREATS: AN E-LEARNING APPLICATION

Year of Publication: 2013
Page Numbers: 96-105
Authors: Neila Rjaibi, Latifa Ben Arfa Rabai, Anis Ben Aissa
Conference Name: The Third International Conference on Digital Information Processing and Communications (ICDIPC2013)
- United Arab Emirates

Abstract:


In this paper, we go on to define and refine a basic security requirements taxonomy adapted to all context and systems, then our hierarchical model is used to enrich the first matrix (stake matrix) of the Mean Failure Cost (MFC) cyber security measure. The stake matrix defines the list of system’s stakeholders and the list of security requirements, it is used to express each cell in dollar monetary terms, it represents loss incurred and/or premium placed on requirement in order to compute the Mean Failure Cost for a given system. This expansion gives us more precise estimation, clear refinement and useful interpretation for security related decision-making using MFC. Moreover, the proposed taxonomy of security requirements forms a unified model of security concepts because security lacks a clear taxonomy of attributes, requirements, and standard controls. This taxonomy leads to the improvement of the system’s software quality and its well running.