4. QoP 2008: Alexandria, VA, USA

Andy Ozment, Ketil Stølen (Eds.): Proceedings of the 4th ACM Workshop on Quality of Protection, QoP 2008, Alexandria, VA, USA, October 27, 2008. ACM 2008, ISBN 978-1-60558-321-1

Gunnar Peterson:
The economics of finding and fixing vulnerabilities in distributed systems. 1-2

Security measurement

Karen Scarfone, Peter Mell:
Vulnerability scoring for security configuration settings. 3-8
Yijun Yu, Haruhiko Kaiya, Hironori Washizaki, Yingfei Xiong, Zhenjiang Hu, Nobukazu Yoshioka:
Enforcing a security pattern in stakeholder goal models. 9-14
Gerardo Canfora, Corrado Aaron Visaggio:
Does enforcing anonymity mean decreasing data usefulness? 15-22
Marcel Frigault, Lingyu Wang, Anoop Singhal, Sushil Jajodia:
Measuring network security using dynamic bayesian network. 23-30

Software security

Michael Gegick, Laurie Williams, Jason Osborne, Mladen A. Vouk:
Prioritizing software security fortification throughcode-level metrics. 31-38
Mariano Ceccato, Massimiliano Di Penta, Jasvir Nagra, Paolo Falcarin, Filippo Ricca, Marco Torchiano, Paolo Tonella:
Towards experimental evaluation of code obfuscation techniques. 39-46
Yonghee Shin, Laurie Williams:
Is complexity really the enemy of software security? 47-50

Risk

Kevin Clark, Ethan Singleton, Stephen Tyree, John Hale:
Strata-Gem: risk assessment through mission modeling. 51-58
Yudistira Asnar, Nicola Zannone:
Perceived risk assessment. 59-64
Marco Domenico Aime, Andrea S. Atzeni, Paolo Carlo Pomi:
The risks with security metrics. 65-70