The MFC Cybersecurity Model Extension and Diagnostic toward a Depth Measurement

2015 ◽  
pp. 179-198
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai ◽  
Ali Mili
Keyword(s):  
Security Requirements ◽  
Security Measures ◽  
Security Risk ◽  
Depth Measurement ◽  
Wide Range ◽  
Failure Cost ◽  
E Learning ◽  
The Mean ◽  
Critical Components ◽  
Security Risk Management

This chapter presents a quantitative security risk management cybersecurity measure namely the Mean Failure Cost (MFC). We illustrate it to quantify the security of an e-Learning application while taking account of its respective stakeholders, security requirements, architectural components and the complete list of security threats. Moreover, in the mean time, security requirements are considered as appropriate mechanisms for preventing, detecting and recovering security attacks, for this reason an extension of the MFC measure is presented in order to detect the most critical security requirements to support the quantitative decision-making. Our focus is widespread to offer a diagnostic of the non secure system's problems and a depth insight interpretation about critical requirements, critical threats and critical components. This extension is beneficial and opens a wide range of possibilities for further economics based analysis. Also this chapter highlights the security measures for controlling e-Learning security problems regarding the most critical security requirements.

The Mean Failure Cost Cybersecurity Model to Quantify Security in E-Learning Environments

2016 ◽  
pp. 95-120
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai ◽  
Ali Mili
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Learning Systems ◽  
Security Requirements ◽  
Security Threats ◽  
Security Risk ◽  
Failure Cost ◽  
E Learning ◽  
The Mean ◽  
Security Risk Management

This chapter presents an overview of security challenges in e-Learning systems, and discusses a recent review related research on security risk management approaches in e-Learning to give a proper context to our work. The literature review proves a lack in quantitative security risk management models applied to e-learning system and presents the strengths of the Mean Failure Cost model in quantifying security threats with a financial risk measure. Moreover, we focus on presenting security aspects of e-Learning applications, and analyze its respective stakeholders, security requirements, architectural components and threats. The Mean Failure Cost (MFC) cyber security measure suitable for e-Learning systems is defined and computed. We adapt it to quantify security threats and risk within e-learning systems. It is based on the identification of system's architecture, the well-defined classes of stakeholders, the list of possible threats and vulnerabilities and the specific security requirements related to e-Learning systems and applications.

Mean Failure Cost as a Measurable Value and Evidence of Cybersecurity

2013 ◽  
Vol 4 (3) ◽  
pp. 64-81 ◽  
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai ◽  
Anis Ben Aissa ◽  
Ali Mili
Keyword(s):  
Cyber Security ◽  
Risk Measure ◽  
Learning Systems ◽  
Security Requirements ◽  
Online Information ◽  
Security Measures ◽  
Risk Management Process ◽  
Failure Cost ◽  
E Learning ◽  
The Mean

Addressing Cybersecurity within e-Learning systems becomes empowered to make online information more secure. Certain competences need to be identified as necessary skills to manage security online such the ability to assess sources and architectural components, understanding the privacy, confidentiality and user authentication. Security management approaches quantifying security threats in e-learning are common with other e-services. It is of our need to adopt a quantitative security risk management process in order to determine the worthiest attack and the ignored one, based on financial business risk measure which is the measure of the mean failure cost.This paper proposes a cyber security measure called the Mean Failure Cost (MFC) suitable for e-Learning systems. It is based on the identification of system’s architecture, the well-defined classes of stakeholders, the list of possible threats and vulnerabilities and the specific security requirements related to e-Learning systems and applications. In the mean time, security requirements are considered as appropriate mechanisms for preventing, detecting and recovering security attacks, for this reason an extension of the MFC measure is presented in order to detect the most critical security requirements. Also this paper highlights the security measures and guidelines for controlling e-Learning security policies regarding the most critical security requirements.

The Rigorous Security Risk Management Model

2018 ◽  
pp. 1299-1317
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Linear Models ◽  
Management Model ◽  
Security Risk ◽  
Security Threat ◽  
Risk Management Process ◽  
Failure Cost ◽  
The Mean ◽  
Security Risk Management

This chapter presents the security concepts terminologies (threat, risk, security risk management, security risk management process, security threat model) and present the state of the art of security risk management models, compare and discuss strengths and weaknesses of such models. Then it presents the Mean Failure Cost (MFC) model for quantifying security threats as a rigorous measure of cyber security, and as a cascade of linear models in order to estimate the system security using the loss of a given stakeholders as a result of security breakdown. Finally it presents an overview of the applicability of the MFC measure to e-systems. In the conclusion, the chapter criticizes the MFC Cyber Security Measure and presents an overview of different perspectives.

The Rigorous Security Risk Management Model

2018 ◽  
pp. 452-470
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Linear Models ◽  
Management Model ◽  
Security Risk ◽  
Security Threat ◽  
Risk Management Process ◽  
Failure Cost ◽  
The Mean ◽  
Security Risk Management

This chapter presents the security concepts terminologies (threat, risk, security risk management, security risk management process, security threat model) and present the state of the art of security risk management models, compare and discuss strengths and weaknesses of such models. Then it presents the Mean Failure Cost (MFC) model for quantifying security threats as a rigorous measure of cyber security, and as a cascade of linear models in order to estimate the system security using the loss of a given stakeholders as a result of security breakdown. Finally it presents an overview of the applicability of the MFC measure to e-systems. In the conclusion, the chapter criticizes the MFC Cyber Security Measure and presents an overview of different perspectives.

The Rigorous Security Risk Management Model

2015 ◽  
pp. 84-101 ◽  
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Linear Models ◽  
Management Model ◽  
Security Risk ◽  
Security Threat ◽  
Risk Management Process ◽  
Failure Cost ◽  
The Mean ◽  
Security Risk Management

This chapter presents the security concepts terminologies (threat, risk, security risk management, security risk management process, security threat model) and present the state of the art of security risk management models, compare and discuss strengths and weaknesses of such models. Then it presents the Mean Failure Cost (MFC) model for quantifying security threats as a rigorous measure of cyber security, and as a cascade of linear models in order to estimate the system security using the loss of a given stakeholders as a result of security breakdown. Finally it presents an overview of the applicability of the MFC measure to e-systems. In the conclusion, the chapter criticizes the MFC Cyber Security Measure and presents an overview of different perspectives.

Delivering Computerized Assessments Safely and Securely

2005 ◽  
pp. 263-279
Author(s):  
Eric Shepherd ◽  
John Kleeman ◽  
Joan Phaup
Keyword(s):  
Cost Effectiveness ◽  
Security Requirements ◽  
Technological Innovations ◽  
Security Measures ◽  
Computerized Assessments ◽  
Wide Range ◽  
Computer Based ◽  
Online Tests

The use of computers to assess knowledge, skills, and attitudes is now universal. Today, distinguishing between the various delivery and security requirements for each style of assessment is becoming increasingly important. It is essential to differentiate between the different styles of computerized assessments in order to deploy assessments safely, securely, and cost effectively. This chapter provides a methodology for assessing the security requirements for delivering computer-based assessments and discusses appropriate security measures based on the purpose and nature of those assessments. It is designed to help readers understand the issues that need to be addressed in order to balance the need for security with the need for cost effectiveness. The authors hope to give readers a working knowledge of the technological innovations that are making it easier to ensure the safety and security of a wide range of computerized assessments including online tests, quizzes, and surveys.

Computed Tomographic Trochlear Depth Measurement in Normal Dogs

2018 ◽  
Vol 31 (06) ◽  
pp. 431-437 ◽  
Author(s):  
Elena De Giacinto ◽  
Daniele Troiano ◽  
Francesco Denti ◽  
Michela Buiatti ◽  
Massimo Petazzoni
Keyword(s):  
Computed Tomography ◽  
Three Dimensional ◽  
Groove Depth ◽  
Trochlear Groove ◽  
Depth Measurement ◽  
Computed Tomography Images ◽  
Depth Ratio ◽  
Wide Range ◽  
The Mean ◽  
Patellar Thickness

Objectives The main purpose of this study was to describe the relationship between patellar maximal craniocaudal thickness and femoral trochlear groove depth in normal dogs and to valuate the intra-observer or inter-observer variability of maximal trochlear depth and maximal patellar craniocaudal thickness using computed tomography. Methods Trochlear groove depth and patellar maximal craniocaudal thickness of 40 limbs (20 dogs) were measured by three independent veterinarians using three-dimensional multiplanar reconstruction computed tomography images. The patellar maximal craniocaudal thickness/trochlear depth ratio was determined. Results The mean ratio of these stifles was 0.46 (range 0.24–0.70), meaning that the mean maximal depth of the trochlea was 46% of the mean maximal-patellar thickness. Clinical Significance A wide range of maximal–patellar–craniocaudal–thickness/maximal trochlear-depth ratio was found suggesting that breed studies should be performed to determine a breed-specific patellar-thickness/trochlear-depth ratio. To make decisions on when and where to perform a sulcoplasty during patellar luxation surgery, patella/trochlea thickness relationship should be measured for each breed with patellar tracking from stifle hyperflexion to stifle hyperextension.

Expansion and Practical Implementation of the MFC Cybersecurity Model via a Novel Security Requirements Taxonomy

2015 ◽  
Vol 6 (4) ◽  
pp. 32-51 ◽  
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Management Practices ◽  
Linear Models ◽  
Cost Model ◽  
Security Requirements ◽  
Practical Implementation ◽  
Security Threats ◽  
Security Risk ◽  
Failure Cost

In security risk management practices if we cannot measure, we can neither control nor improve. A challenging issue in the context of cyber security is to deal with the orthogonal classification of security requirements. A literature review has shown that there are different models of security requirements. Everyone examines some requirements and neglects others. In this paper, the authors intend to answer the question: what taxonomy of security requirements should we use in a security quantification process? It is thus imperative to build a standard, unified and hierarchical taxonomy which incorporates 13 security requirements and then refined in layer into 31 sub-factors referring to the variety of the proposed models based on previous works. The Mean Failure Cost model (MFC) is a recent, strong and structural risk management model. It is a cascade of linear models to quantify security threats in term of loss that results from system's vulnerabilities. It computes for each system's stakeholders his loss of operation ($/H) while taking account of its respective users, security requirements, system's components and the complete list of security threats. The proposed taxonomy is used to optimize quantification using the MFC metric by reducing the redundancy in estimating the security requirements values, and increasing accuracy in estimation. The authors applied the expansion of the MFC model to the context of e-learning platforms.

scholarly journals Information security risk management and incompatible parts of organization

2016 ◽  
Vol 9 (4) ◽  
pp. 964
Author(s):  
Elham Talabeigi ◽  
Seyyed Gholamreza Jalali Naeeini
Keyword(s):  
Risk Management ◽  
Information Security ◽  
Science And Technology ◽  
Learning Center ◽  
Security Risk ◽  
Proposed Model ◽  
Risk Management Process ◽  
E Learning ◽  
Negative Impacts ◽  
Security Risk Management

Purpose: we prepared a questionnaire to evaluate Incompatible parts and also risk management in University of Science and Technology E-Learning Center and studying the Incompatible parts impacts on utility of organization.Design/methodology/approach: By using coalitional game theory we present a new model to recognize the degrees of incompatibility among independent divisions of an organization with dependent security assets. Based on positive and negative interdependencies in the parts, the model provides how the organization can decrease the security risks through non-cooperation rather than cooperation. we implement the proposed model of this paper by analyzing the data which have been provided by questionnaires from different three managers' ideas of Iran University of Science and Technology E-Learning Center located in Iran University of Science and Technology, Tehran, Iran.Findings: In general, by collecting data and analyzing them, the survey showed that Incompatible parts of organizations have negative impacts on utility of organization risk management process. Furthermore, it adds values to other organizations and provides the best practices in planning, developing, implementing and monitoring risk management in organizations.Research limitations/implications: Since Information security and also Risk Management are still areas which need to improve in some Iranian universities, we couldn’t consider them in our analysis. On the other hand, due to questionnaire limitation, the study’s sample size is 1. This size may be considered large for our statistical analysis.Originality/value:  The main contribution of this paper is to propose a model for non-cooperation among a number of divisions in a organization and using risk management factors. 

Sign in / Sign up

Export Citation Format

Share Document