Information Security News mailing list archives
CFP workshop on information security system rating and ranking
From: InfoSec News <isn () C4I ORG>
Date: Sun, 18 Feb 2001 00:37:39 -0600
---------- Forwarded message ---------- Date: Fri, 16 Feb 2001 00:36:33 -0500 From: ACSAC Publicity <ACSAC_announce.owner () acsac org> To: Recipient List Suppressed: ; Subject: CFP workshop on information security system rating and ranking Call for Participation FIRST WORKSHOP ON INFORMATION SECURITY SYSTEM RATING AND RANKING (commonly but improperly known as "Security Metrics") Williamsburg, Virginia, May 21-23, 2001 Sponsored by: Applied Computer Security Associates (ACSA) and The MITRE Corporation After more than 20 years of effort in "security metrics," the evolution of product evaluation criteria identification, Information Assurance (IA) quantification, and risk assessment/analysis methodology development, has led to the widespread need for a single number or digraph rating of the "security goodness" of a component or system. Computer science has steadily frustrated this need--it has neither provided generally accepted, reliable measures for rating IT security nor has it applied any measures for security assurance. The goals of this workshop are to recap the current thinking on "IA metrics" activities and to formulate a path for future work on IA rating/ranking systems. Topics will include identifying workable successes or capturing lessons learned from our failures, clarifying what is measurable, and the addressing the impact of related technology insertion. The expected workshop result is the determination of "good" indicators of the IA posture of a system. The workshop will serve as a forum for group discussion, with topics determined by the participants. Submission of a 4-to-5-page position paper is required for workshop attendance. For further information, please see: www.acsac.org/measurement Deadline for submission of papers: March 30, 2001. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- CFP workshop on information security system rating and ranking InfoSec News (Feb 18)