Skip to main content
SpringerLink
Log in
Book cover

Software Engineering in Intelligent Systems pp 327–337Cite as

Monitoring the Effectiveness of Security Countermeasures in a Security Risk Management Model

  • Conference paper

  • 1487 Accesses

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 349))

Abstract

Through our studies, successful and relevant security risk management models help to choose the right security measures which are vital in business analysis. In earlier works, an interesting value based cybersecurity metric namely the Mean failure Cost (MFC) has been presented. It computes for each system’s stakeholder his loss of operation in monetary term taking into consideration the security requirements, the architectural components and threats of such a system. In this paper, our intention is to extend this measure into a security risk management process in order to highlight the security priorities, implement controls and countermeasures then monitor the effectiveness of the chosen security solution by using the return on investment (ROI). Our attempt is to maximize the security management performance and business decisions by saving both time and money. The practical investigation is conducted thought the context of e-learning systems.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Rabai, L.B.A., Rjaibi, N.: Assessing Quality in E-learning including learner with Special Needs. In: Proceedings of The Fourth National Symposium on Informatics, Technologies for Special Needs, April 23-25. King Saud University, Riyadh (2013), http://nsi.ksu.edu.sa/node/2

  2. Rjaibi, N., Rabai, L.B.A.: Toward A New Model For Assessing Quality Teaching Processes In E-learning. In: Proceedings of 3rd International Conference on Computer Supported Education, CSEDU 2011, Noordwijkerhout, The Netherlands, May 6-9, vol. 2, pp. 468–472. SciTePress (2011), http://www.csedu.org , ISBN: 978-989-8425-50-8

  3. Rabai, L.B.A., Rjaibi, N., Aissa, A.B.: Quantifying Security Threats for E-learning Systems. In: IEEE Proceedings of International Conference on Education & E-Learning Innovations- Infrastructural Development in Education (ICEELI 2012), Sousse,Tunisia, July 1-3 (2012), http://www.iceeli.org/index.htm , doi:10.1109/ICEELI.2012.6360592, Print ISBN: 978-1-4673-2226-3

  4. Rjaibi, N., Rabai, L.B.A., Omrani, H., Aissa, A.B.: Mean failure cost as a measure of critical security requirements: E-learning case study. In: Proceedings of the 2012 World Congress in Computer Science, Computer Engineering, and Applied Computing (WORLDCOMP 2012, Las Vegas, Nevada, USA), July 16-19, pp. 520–526. CSREA Press, U. S. A. (2012), The 11 th International Conference on e-Learning, e-Business, Enterprise Information Systems, and e-Government (EEE 2012: July 16-19, USA), ISBN: 1-60132-209-7

    Google Scholar 

  5. Rjaibi, N., Rabai, L.B.A., Aissa, B.A., Louadi, M.: Cyber security measurement in depth for e-learning systems. International Journal of Advanced Research in Computer Science and Software Engineering (IJARCSSE) 2(11), 107–120 (2012), http://www.ijarcsse.com , ISSN (Online): 2277 128X, ISSN (Print): 2277 6451

  6. Rjaibi, N., Rabai, L.B.A., Aissa, B.A., Mili, A.: Mean failure Cost as a Measurable Value and Evidence of Cybersecurity: E-learning Case Study. International Journal of Secure Software Engineering (IJSSE) 4(3), 64–81 (2013), http://www.igi-global.com/ijsse , doi:10.4018/jsse.2013070104

    Article  Google Scholar 

  7. Rjaibi, N., Rabai, L.B.A., Aissa, B.A.: A basic security requirements taxonomy to quantify security threats: an e-learning application. In: Proceedings of the Third International Conference on Digital Information Processing and Communications (ICDIPC 2013), Session: Information security, Islamic Azad University (IAU), Dubai, United Arab Emirates (UAE), January 30-February 1, pp. 96–105 (2013), http://www.sdiwc.net/conferences/2013/Dubai/ , ISBN: 978-0-9853483-3-5 ©2013 SDIWC

  8. Rjaibi, N., Rabai, L.B.A., Aissa, A.B.: The Mean Failure Cost Cybersecurity Model toward Security Measures And Associated Mechanisms. International Journal of Cyber-Security and Digital Forensics (IJCSDF) 2(2), 23–35 (2013)

    Google Scholar 

  9. Aissa, A.B.: Vers une mesure économétrique de la sécurité des systèmes informatiques, Doctoral dissertation, Faculty of Sciences of Tunis, submitted (Spring 2012)

    Google Scholar 

  10. Nazareth, D.L., Choi, J.A.: System Dynamics Model for Information Security Management. Information & Management (2014)

    Google Scholar 

  11. Fenz, S., Heurix, J., Neubauer, T., Pechstein, F.: Current challenges in information security risk management. Information Management & Computer Security 22(5), 410–430 (2014)

    Article  Google Scholar 

  12. Feng, N., Wang, H.J., Li, M.: A security risk analysis model for information systems: causal relationships of risk factors and vulnerability propagation analysis. Information Sciences 256, 57–73 (2014)

    Article  Google Scholar 

  13. Weippl, E.R., Ebner, M.: Security Privacy Challenges in E-Learning 2.0. In: World Conference on E-Learning in Corporate, Government, Healthcare, and Higher Education Healthcare, and Higher Education, pp. 4001–4007 (2008)

    Google Scholar 

  14. Raitman, R., Ngo, L., Augar, N., Zhou, W.: Security in the online e-learning environment. In: Fifth IEEE International Conference on Advanced Learning Technologies, ICALT 2005, pp. 702–706. IEEE (2005)

    Google Scholar 

  15. Weippl, E.: Security In E-Learning, eLearn Magazine. Association for Computing Machinery (ACM), article from 16, 03–05 (2005)

    Google Scholar 

  16. Aissa, A.B., Abercrombie, R.K., Sheldon, F.T., Mili, A.: Defining and Computing a Value Based Cyber-Security Measure. Information Systems and e-Business Management 10(4), 433–453 (2012), doi:10.1007/s10257-011-0177-1

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Institut Supérieur de Gestion, University of Tunis, Tunis, Tunisia

    Neila Rjaibi & Latifa Ben Arfa Rabai

Authors
  1. Neila Rjaibi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Latifa Ben Arfa Rabai
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Neila Rjaibi .

Editor information

Editors and Affiliations

  1. Faculty of Applied Informatics, Tomas Bata University in Zlín, Zlín, Czech Republic

    Radek Silhavy

  2. Faculty of Applied Informatics, Tomas Bata University in Zlín, Zlín, Czech Republic

    Roman Senkerik

  3. Faculty of Applied Informatics, Tomas Bata University in Zlín, Zlín, Czech Republic

    Zuzana Kominkova Oplatkova

  4. Faculty of Applied Informatics, Tomas Bata University in Zlín, Zlín, Czech Republic

    Zdenka Prokopova

  5. Faculty of Applied Informatics, Tomas Bata University in Zlín, Zlín, Czech Republic

    Petr Silhavy

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Rjaibi, N., Rabai, L.B.A. (2015). Monitoring the Effectiveness of Security Countermeasures in a Security Risk Management Model. In: Silhavy, R., Senkerik, R., Oplatkova, Z., Prokopova, Z., Silhavy, P. (eds) Software Engineering in Intelligent Systems. Advances in Intelligent Systems and Computing, vol 349. Springer, Cham. https://doi.org/10.1007/978-3-319-18473-9_32

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-18473-9_32

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-18472-2

  • Online ISBN: 978-3-319-18473-9

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation