By Topic

Evaluating security products based on appropriate usage

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)

Information security products have evolved rapidly over the last decade. However, the science of evaluating products has virtually stood still during that same time period, creating a knowledge gap that has made it difficult for information security buyers to determine whether or not a product meets specific security and/or compliance needs. This paper discusses a new method for evaluating technology products based upon the appropriateness within the context that they will be deployed. By applying a Use Case-based methodology, information security professionals can more clearly identify detailed protection requirements for a given environment. Two examples are given: (1) Use Cases can clarify different application security requirements between retail storefronts and back-end e-commerce datacenters; and (2) Use Cases allow the assessment of anti-malware products based on the relative importance of different malware attack vectors to the endpoints being protected.

Published in:

Malicious and Unwanted Software (MALWARE), 2011 6th International Conference on

Date of Conference:

18-19 Oct. 2011