Quantitative Measures of Security

  • Conference paper

Part of the book series: Dependable Computing and Fault-Tolerant Systems (DEPENDABLECOMP, volume 9)

Abstract

To the casual, yet interested, reader, one of the most striking properties of the Trusted Computer System Evaluation Criteria [1] and its international successors is that none of these documents contain any attempt to relate their evaluation levels to a measure of how much effort must be expended to break into a system. [2] As a consequence, it’s impossible to evaluate rationally the marginal benefit of spending the extra money necessary to obtain a higher rating than a lower one.

References

  1. National Computer Security Center, Trusted Computer System Evaluation Criteria, CSC-STD-001-83, Ft. Meade, MD, 1983.

  2. J. McLean, “New Paradigms for High-Assurance Systems,” Proc. of the New Paradigms Workshop, IEEE Press, forthcoming.

  3. D. Denning, Cryptography and Data Security, Addison-Wesley, Reading, MA, 1982.

  4. J. McLean, “Security Models and Information Flow,” Proc. 1990 IEEE CS Symposium on Research in Security and Privacy, IEEE Press, 1990.

  5. J. Gray, “Toward a Mathematical Foundation of Information Flow Security,” Journal of Computer Security, Vol. 1, no. 3-4.

  6. J. Millen, “Covert Channel Capacity,” Proc. 1987 IEEE CS Symposium on Research in Security and Privacy, IEEE Press, 1987.

  7. I. Moskowitz and A. Miller, “The Channel Capacity of a Certain Noisy Timing Channel,” IEEE Transactions on Information Theory, Vol. 38, no. 4, 1992.

  8. J. McLean, “Models of Confidentiality: Past, Present, and Future,” Proc. Computer Security Foundations Workshop VI, IEEE Press, 1993.

Copyright information

© 1995 Springer-Verlag/Wien

About this paper

Cite this paper

McLean, J. (1995). Quantitative Measures of Security. In: Cristian, F., Le Lann, G., Lunt, T. (eds) Dependable Computing for Critical Applications 4. Dependable Computing and Fault-Tolerant Systems, vol 9. Springer, Vienna. https://doi.org/10.1007/978-3-7091-9396-9_18

  • DOI: https://doi.org/10.1007/978-3-7091-9396-9_18

  • Publisher Name: Springer, Vienna

  • Print ISBN: 978-3-7091-9398-3

  • Online ISBN: 978-3-7091-9396-9

  • eBook Packages: Springer Book Archive
