A Process Framework for Stakeholder-Specific Visualization of Security Metrics

Title: A Process Framework for Stakeholder-Specific Visualization of Security Metrics
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Hanauer, Tanja; Hommel, Wolfgang; Metzger, Stefan; Pöhn, Daniela
Conference Name: Proceedings of the 13th International Conference on Availability, Reliability and Security
Publisher: ACM
ISBN Number: 978-1-4503-6448-5
Keywords: Collaboration, composability, Human Behavior, human factors, Information security, information theoretic security, Metrics, policy-based governance, pubcrawl, resilience, Resiliency, Scalability, Visualization of Security-Related Data
Abstract

Awareness and knowledge management are key components to achieve a high level of information security in organizations. However, practical evidence suggests that there are significant discrepancies between the typical elements of security awareness campaigns, the decisions made and goals set by top-level management, and routine operations carried out by systems administration personnel. This paper presents Vis4Sec, a process framework for the generation and distribution of stakeholder-specific visualizations of security metrics, which assists in closing the gap between theoretical and practical information security by respecting the different points of view of the involved security report audiences. An implementation for patch management on Linux servers, deployed at a large data center, is used as a running example.

URL: https://dl.acm.org/citation.cfm?doid=3230833.3232855
DOI: 10.1145/3230833.3232855
Citation Key: hanauer_process_2018