Security engineering is concerned with whether a system can survive accidental or intentional attacks on it from outside. One of the most important problems in security engineering is the numerical evaluation of the security efficiency. According to Brocklehurst et all. (Brocklehurst et al. 1994), it is necessary to consider the effort, reward, owner's loss and expenses as a measures of security. In order to compute the new generalized or system security characteristics from the above, it is proposed to use the Walley's theory of imprecise probabilities. The basic tool for computing new generalized security measures from the initial judgements is the natural extension which can be regarded as a linear optimization problem. As examples we analyze the operational security of an information system developed as a client-server system with the hierarchical structure.
展开▼
