Applying a model of configuration complexity to measure security impact on IT procedures

In recent years, IT security has become a major concern for organizations. However, it does not come without large investments, both in the acquisition of tools to satisfy particular security requirements and in the complex procedures needed to deploy and maintain a protected infrastructure. The scientific community has recently proposed models and techniques to measure the complexity of configuration procedures, aware that these procedures represent a significant operational cost, often dominating total cost of ownership. However, despite the central role played by security in this context, its impact has not been investigated so far. To address this issue, we apply a model of configuration complexity proposed in the literature to estimate the impact of security on the complexity of IT procedures. Our proposal has been realized as a prototype implementation of a complexity scoring system called security complexity analyzer (SCA). To demonstrate the concept and technical feasibility of our proposal, we have used the SCA to evaluate real-life security scenarios.
