 Proportional Hazards in Information SecurityJulie J. C. H. Ryan and Daniel J. Ryan Risk Analysis, 2005, vol. 25, issue 1, 141-149 Abstract: Nonparametric methods can be used to analyze failure times and estimate probability distributions for failures of systems due to successful attacks on confidentiality, integrity, and availability in information security. However, such methods do not take full advantage of supplemental information regarding the configurations of systems in an information infrastructure that is usually also available. One approach, which does take advantage of such information, views the risks of systems failing from various causes as competing risks and determines the correlation coefficients of different treatments to system longevity. Since the times and causes of failure in such studies are usually uncorrelated, the hazards associated with each risk are proportional. By correlating system survival times to the use of specific design enhancements and security countermeasures, as well as to system exposure based on choice of operational functionality, guidance can be obtained for making investments in information security. Date: 2005 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:wly:riskan:v:25:y:2005:i:1:p:141-149 Access Statistics for this article More articles in Risk Analysis from John Wiley & Sons |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.