Mean Failure Cost as a Measurable Value and Evidence of Cybersecurity

2013 ◽  
Vol 4 (3) ◽  
pp. 64-81 ◽  
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai ◽  
Anis Ben Aissa ◽  
Ali Mili
Keyword(s):  
Cyber Security ◽  
Risk Measure ◽  
Learning Systems ◽  
Security Requirements ◽  
Online Information ◽  
Security Measures ◽  
Risk Management Process ◽  
Failure Cost ◽  
E Learning ◽  
The Mean

Addressing Cybersecurity within e-Learning systems becomes empowered to make online information more secure. Certain competences need to be identified as necessary skills to manage security online such the ability to assess sources and architectural components, understanding the privacy, confidentiality and user authentication. Security management approaches quantifying security threats in e-learning are common with other e-services. It is of our need to adopt a quantitative security risk management process in order to determine the worthiest attack and the ignored one, based on financial business risk measure which is the measure of the mean failure cost.This paper proposes a cyber security measure called the Mean Failure Cost (MFC) suitable for e-Learning systems. It is based on the identification of system’s architecture, the well-defined classes of stakeholders, the list of possible threats and vulnerabilities and the specific security requirements related to e-Learning systems and applications. In the mean time, security requirements are considered as appropriate mechanisms for preventing, detecting and recovering security attacks, for this reason an extension of the MFC measure is presented in order to detect the most critical security requirements. Also this paper highlights the security measures and guidelines for controlling e-Learning security policies regarding the most critical security requirements.

The Mean Failure Cost Cybersecurity Model to Quantify Security in E-Learning Environments

2016 ◽  
pp. 95-120
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai ◽  
Ali Mili
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Learning Systems ◽  
Security Requirements ◽  
Security Threats ◽  
Security Risk ◽  
Failure Cost ◽  
E Learning ◽  
The Mean ◽  
Security Risk Management

This chapter presents an overview of security challenges in e-Learning systems, and discusses a recent review related research on security risk management approaches in e-Learning to give a proper context to our work. The literature review proves a lack in quantitative security risk management models applied to e-learning system and presents the strengths of the Mean Failure Cost model in quantifying security threats with a financial risk measure. Moreover, we focus on presenting security aspects of e-Learning applications, and analyze its respective stakeholders, security requirements, architectural components and threats. The Mean Failure Cost (MFC) cyber security measure suitable for e-Learning systems is defined and computed. We adapt it to quantify security threats and risk within e-learning systems. It is based on the identification of system's architecture, the well-defined classes of stakeholders, the list of possible threats and vulnerabilities and the specific security requirements related to e-Learning systems and applications.

The MFC Cybersecurity Model Extension and Diagnostic toward a Depth Measurement

2015 ◽  
pp. 179-198
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai ◽  
Ali Mili
Keyword(s):  
Security Requirements ◽  
Security Measures ◽  
Security Risk ◽  
Depth Measurement ◽  
Wide Range ◽  
Failure Cost ◽  
E Learning ◽  
The Mean ◽  
Critical Components ◽  
Security Risk Management

This chapter presents a quantitative security risk management cybersecurity measure namely the Mean Failure Cost (MFC). We illustrate it to quantify the security of an e-Learning application while taking account of its respective stakeholders, security requirements, architectural components and the complete list of security threats. Moreover, in the mean time, security requirements are considered as appropriate mechanisms for preventing, detecting and recovering security attacks, for this reason an extension of the MFC measure is presented in order to detect the most critical security requirements to support the quantitative decision-making. Our focus is widespread to offer a diagnostic of the non secure system's problems and a depth insight interpretation about critical requirements, critical threats and critical components. This extension is beneficial and opens a wide range of possibilities for further economics based analysis. Also this chapter highlights the security measures for controlling e-Learning security problems regarding the most critical security requirements.

The Rigorous Security Risk Management Model

2018 ◽  
pp. 1299-1317
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Linear Models ◽  
Management Model ◽  
Security Risk ◽  
Security Threat ◽  
Risk Management Process ◽  
Failure Cost ◽  
The Mean ◽  
Security Risk Management

This chapter presents the security concepts terminologies (threat, risk, security risk management, security risk management process, security threat model) and present the state of the art of security risk management models, compare and discuss strengths and weaknesses of such models. Then it presents the Mean Failure Cost (MFC) model for quantifying security threats as a rigorous measure of cyber security, and as a cascade of linear models in order to estimate the system security using the loss of a given stakeholders as a result of security breakdown. Finally it presents an overview of the applicability of the MFC measure to e-systems. In the conclusion, the chapter criticizes the MFC Cyber Security Measure and presents an overview of different perspectives.

The Rigorous Security Risk Management Model

2018 ◽  
pp. 452-470
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Linear Models ◽  
Management Model ◽  
Security Risk ◽  
Security Threat ◽  
Risk Management Process ◽  
Failure Cost ◽  
The Mean ◽  
Security Risk Management

This chapter presents the security concepts terminologies (threat, risk, security risk management, security risk management process, security threat model) and present the state of the art of security risk management models, compare and discuss strengths and weaknesses of such models. Then it presents the Mean Failure Cost (MFC) model for quantifying security threats as a rigorous measure of cyber security, and as a cascade of linear models in order to estimate the system security using the loss of a given stakeholders as a result of security breakdown. Finally it presents an overview of the applicability of the MFC measure to e-systems. In the conclusion, the chapter criticizes the MFC Cyber Security Measure and presents an overview of different perspectives.

The Rigorous Security Risk Management Model

2015 ◽  
pp. 84-101 ◽  
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Linear Models ◽  
Management Model ◽  
Security Risk ◽  
Security Threat ◽  
Risk Management Process ◽  
Failure Cost ◽  
The Mean ◽  
Security Risk Management

This chapter presents the security concepts terminologies (threat, risk, security risk management, security risk management process, security threat model) and present the state of the art of security risk management models, compare and discuss strengths and weaknesses of such models. Then it presents the Mean Failure Cost (MFC) model for quantifying security threats as a rigorous measure of cyber security, and as a cascade of linear models in order to estimate the system security using the loss of a given stakeholders as a result of security breakdown. Finally it presents an overview of the applicability of the MFC measure to e-systems. In the conclusion, the chapter criticizes the MFC Cyber Security Measure and presents an overview of different perspectives.

The Effects of Cybercrime on the Banking Sector in ASEAN

2020 ◽  
pp. 130-148
Author(s):  
Cristi Spulbar ◽  
Ramona Birau
Keyword(s):  
Sustainable Development ◽  
Cyber Security ◽  
Essential Role ◽  
Banking Sector ◽  
Criminal Activity ◽  
Online Information ◽  
Security Measures ◽  
Bank Management ◽  
Global Challenges ◽  
Propagation Effects

The main objective of this chapter is to investigate the effects of cybercrime on the banking sector in ASEAN. Global challenges on the evolution of cybercrime are in continuous dynamics in the case of emerging or developing countries, so that sustainable development plays an essential role. Moreover, the propagation effects can generate significant damages in the banking sector. Efficient bank management is essential in the context of providing advanced techniques for cyber security. Traditional cyber security measures are insufficient to ensure data protection and online information privacy. Consequently, investigations of cyber-criminal activity must become a priority especially in the context of globalization.

Cyber Security of Children

2008 ◽  
pp. 46-61
Author(s):  
Stephen M. Mutula
Keyword(s):  
Cyber Security ◽  
Service Providers ◽  
Developed Countries ◽  
Sub Saharan Africa ◽  
Online Information ◽  
Security Measures ◽  
Internet Service ◽  
Online Security ◽  
Sub Saharan ◽  
Developed World

This author discusses issues and threats to children’s cyber security vis-à-vis access to useful children online literature and the implications for sub-saharan Africa. The author points out that whereas the benefits of online children literature are immense especially in Africa where there is paucity of print literature, increasing cyber security and crime targeting children is of growing concern to governments, school teachers, parents, and Internet service providers. The chapter observes that whereas the developed world has made attempts to put in place mechanisms and systems such as acceptable user policies and protection software to mitigate undesirable consequences of online insecurity to which children are the most vulnerable, Africa is lagging behind despite the pervading Internet on the continent. The author notes that censorship of online literature is not the panacea to cyber insecurity, but parents should work closely with teachers and service providers to find pragmatic ways of protecting children online. Africa could learn a lot from developed countries on how to balance between access to useful online information resources against the growing cyber crime targeting children. The author cautions that the future of online security with regard to children’s safety in cyberspace is bound to become more complex as technologies become more advanced and online predators evolve sophisticated ways to circumvent online security measures, calling for the development of a proactive security strategy to protect children online.

Expansion and Practical Implementation of the MFC Cybersecurity Model via a Novel Security Requirements Taxonomy

2015 ◽  
Vol 6 (4) ◽  
pp. 32-51 ◽  
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Management Practices ◽  
Linear Models ◽  
Cost Model ◽  
Security Requirements ◽  
Practical Implementation ◽  
Security Threats ◽  
Security Risk ◽  
Failure Cost

In security risk management practices if we cannot measure, we can neither control nor improve. A challenging issue in the context of cyber security is to deal with the orthogonal classification of security requirements. A literature review has shown that there are different models of security requirements. Everyone examines some requirements and neglects others. In this paper, the authors intend to answer the question: what taxonomy of security requirements should we use in a security quantification process? It is thus imperative to build a standard, unified and hierarchical taxonomy which incorporates 13 security requirements and then refined in layer into 31 sub-factors referring to the variety of the proposed models based on previous works. The Mean Failure Cost model (MFC) is a recent, strong and structural risk management model. It is a cascade of linear models to quantify security threats in term of loss that results from system's vulnerabilities. It computes for each system's stakeholders his loss of operation ($/H) while taking account of its respective users, security requirements, system's components and the complete list of security threats. The proposed taxonomy is used to optimize quantification using the MFC metric by reducing the redundancy in estimating the security requirements values, and increasing accuracy in estimation. The authors applied the expansion of the MFC model to the context of e-learning platforms.

Platform for Analysing and Encouraging Student Activity on Contest and E-learning Systems

2018 ◽  
Vol 12 ◽  
pp. 85-98
Author(s):  
Bojan Kostadinov ◽  
Mile Jovanov ◽  
Emil STANKOV
Keyword(s):  
Machine Learning ◽  
Data Collection ◽  
Educational Policy ◽  
Learning Systems ◽  
Data Sources ◽  
Or Education ◽  
Student Activity ◽  
The World ◽  
E Learning ◽  
Analyse Data

Data collection and machine learning are changing the world. Whether it is medicine, sports or education, companies and institutions are investing a lot of time and money in systems that gather, process and analyse data. Likewise, to improve competitiveness, a lot of countries are making changes to their educational policy by supporting STEM disciplines. Therefore, it’s important to put effort into using various data sources to help students succeed in STEM. In this paper, we present a platform that can analyse student’s activity on various contest and e-learning systems, combine and process the data, and then present it in various ways that are easy to understand. This in turn enables teachers and organizers to recognize talented and hardworking students, identify issues, and/or motivate students to practice and work on areas where they’re weaker.

Security of Cyber-Physical Systems: A Generalized Algorithm for Intrusion Detection and Determining Security Robustness of Cyber Physical Systems using Logical Truth Tables

2013 ◽  
Vol 9 ◽  
Author(s):  
Curtis G. Northcutt
Keyword(s):  
Intrusion Detection ◽  
Cyber Security ◽  
Logical Truth ◽  
Cyber Physical Systems ◽  
Security Model ◽  
Security Measures ◽  
Physical Systems ◽  
Multiple Signal ◽  
Security Attack ◽  
Truth Tables

The recent proliferation of embedded cyber components in modern physical systems [1] has generated a variety of new security risks which threaten not only cyberspace, but our physical environment as well. Whereas earlier security threats resided primarily in cyberspace, the increasing marriage of digital technology with mechanical systems in cyber-physical systems (CPS), suggests the need for more advanced generalized CPS security measures. To address this problem, in this paper we consider the first step toward an improved security model: detecting the security attack. Using logical truth tables, we have developed a generalized algorithm for intrusion detection in CPS for systems which can be defined over discrete set of valued states. Additionally, a robustness algorithm is given which determines the level of security of a discrete-valued CPS against varying combinations of multiple signal alterations. These algorithms, when coupled with encryption keys which disallow multiple signal alteration, provide for a generalized security methodology for both cyber-security and cyber-physical systems.

Sign in / Sign up

Export Citation Format

Share Document