NDLI: From revenue assurance to assurance: the importance of measurementin computer security

Please wait, while we are loading the content...

From revenue assurance to assurance: the importance of measurementin computer security

Content Provider	ACM Digital Library
Author	Gutmann, Peter
Abstract	In 1995, Netscape rolled out SSL, the application-level security protocol that's used to secure web browsing, email, FTP, instant messaging, VoIP, and in general anything that needs an encrypted pipe from A to B. SSL is rather crucially dependent for its security on certificates created by third-party CAs, but for the first 11/2 decades of its existence no-one had ever tried to measure how effectively these were being handled. When a volunteer-run project by the EFF did finally examine the situation, they found a chaotic mess that still hasn't been fully untangled. Telcos faced the same problem in the 1990s when they found that, to their considerable surprise, their billing systems were incapable of properly managing mobile phone billing. The result was the field of revenue assurance, a systematic effort to measure and evaluate the performance of mobile phone systems, at least as it applied to billing users. This talk looks at various failures of measurement both in and outside the field of computer security, and applies lessons from the area of revenue assurance to computer security mechanisms.
Starting Page	1
Ending Page	2
Page Count	2
File Format	PDF
ISBN	9781450315081
DOI	10.1145/2372225.2372227
Language	English
Publisher	Association for Computing Machinery (ACM)
Publisher Date	2012-09-21
Publisher Place	New York
Access Restriction	Subscribed
Subject Keyword	Security metrics
Content Type	Text
Resource Type	Article

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in