ABSTRACT A lack of security metrics signifies that it is not possible to measure the success of security policies, mechanisms and implementations, and security cannot, in turn, be improved if it cannot be measured. The importance of the use of metrics to obtain security quality is thus widely accepted. However, the definition of security metrics concerns a discipline which is still in its first stages of development, meaning that few documented resources or works centring on this subject exist to date. In this paper we shall therefore study the latest existing models with which to define security metrics and their components as aspects that have a bearing on the quality of software products with the intention that this will serve as a basis for continued advancement in research into this area of knowledge.
daniel mellado hasn't uploaded this paper.
Let daniel know you want this paper to be uploaded.
