TU Berlin

Main document

Literature Database Entry


Steffen Weiß, Oliver Weißmann and Falko Dressler, "A Comprehensive and Comparative Metric for Information Security," Proceedings of IFIP International Conference on Telecommunication Systems, Modeling and Analysis 2005 (ICTSM 2005), Dallas, TX, November 2005, pp. 1–10.


Measurement of information security is important for organizations to justify security decisions and investments. Unfortunately, there are no metrics available that allow for a comprehensive security assessment of an entire organization. It turned out that there are two main aspects which are important to develop such a metric. On the one hand, an appropriate security indicator is required and, on the other hand, a method for combining single security aspects to an overall security measure for an entire organization. An approach fulfilling these two aspects is presented in this article. Besides a comparable indicator, based on the intuitive understanding of security, an approach is proposed for combining single security aspects to reflect the organization's security assessment. The presented approach was evaluated on a small university department. It will influence on forthcoming ISO 27004 metric-standard, which aligns with the already existing and well known ISO 17799.

Quick access

Authors' Version PDF (PDF on this web site)
BibTeX BibTeX


Steffen Weiß
Oliver Weißmann
Falko Dressler

BibTeX reference

    author = {Wei{\ss}, Steffen and Wei{\ss}mann, Oliver and Dressler, Falko},
    title = {{A Comprehensive and Comparative Metric for Information Security}},
    pages = {1--10},
    publisher = {International Federation for Information Processing (IFIP)},
    address = {Dallas, TX},
    booktitle = {IFIP International Conference on Telecommunication Systems, Modeling and Analysis 2005 (ICTSM 2005)},
    month = {11},
    year = {2005},

Copyright notice

Links to final or draft versions of papers are presented here to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted or distributed for commercial purposes without the explicit permission of the copyright holder.

The following applies to all papers listed above that have IEEE copyrights: Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

The following applies to all papers listed above that are in submission to IEEE conference/workshop proceedings or journals: This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessible.

The following applies to all papers listed above that have ACM copyrights: ACM COPYRIGHT NOTICE. Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept., ACM, Inc., fax +1 (212) 869-0481, or permissions@acm.org.

The following applies to all SpringerLink papers listed above that have Springer Science+Business Media copyrights: The original publication is available at www.springerlink.com.

This page was automatically generated using BibDB and bib2web.


Featured Paper