IDEAS home Printed from https://ideas.repec.org/a/wly/riskan/v25y2005i1p141-149.html
   My bibliography  Save this article

Proportional Hazards in Information Security

Author

Listed:
  • Julie J. C. H. Ryan
  • Daniel J. Ryan

Abstract

Nonparametric methods can be used to analyze failure times and estimate probability distributions for failures of systems due to successful attacks on confidentiality, integrity, and availability in information security. However, such methods do not take full advantage of supplemental information regarding the configurations of systems in an information infrastructure that is usually also available. One approach, which does take advantage of such information, views the risks of systems failing from various causes as competing risks and determines the correlation coefficients of different treatments to system longevity. Since the times and causes of failure in such studies are usually uncorrelated, the hazards associated with each risk are proportional. By correlating system survival times to the use of specific design enhancements and security countermeasures, as well as to system exposure based on choice of operational functionality, guidance can be obtained for making investments in information security.

Suggested Citation

  • Julie J. C. H. Ryan & Daniel J. Ryan, 2005. "Proportional Hazards in Information Security," Risk Analysis, John Wiley & Sons, vol. 25(1), pages 141-149, February.
    • Handle: RePEc:wly:riskan:v:25:y:2005:i:1:p:141-149
    DOI: 10.1111/j.0272-4332.2005.00573.x
    as

    Download full text from publisher

    File URL: https://doi.org/10.1111/j.0272-4332.2005.00573.x
    Download Restriction: no
    File URL: https://libkey.io/10.1111/j.0272-4332.2005.00573.x?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Navid Ghaffarzadegan, 2008. "How a System Backfires: Dynamics of Redundancy Problems in Security," Risk Analysis, John Wiley & Sons, vol. 28(6), pages 1669-1687, December.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:wly:riskan:v:25:y:2005:i:1:p:141-149. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Wiley Content Delivery (email available below). General contact details of provider: https://doi.org/10.1111/(ISSN)1539-6924 .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.