Quantifying security threats and their potential impacts: A case study

Anis Ben Aissa, Robert K. Abercrombie, Frederick T. Sheldon, Ali Mili

Research output: Contribution to journalArticlepeer-review

44 Scopus citations


In earlier works we presented a computational infrastructure that allows an analyst to estimate the security of a system in terms of the loss that each stakeholder stands to sustain as a result of security breakdowns. In this paper we illustrate this infrastructure by means of an e-commerce application.

Original languageEnglish (US)
Pages (from-to)269-281
Number of pages13
JournalInnovations in Systems and Software Engineering
Issue number4
StatePublished - Dec 2010

All Science Journal Classification (ASJC) codes

  • Software


  • Cyber security metrics
  • Information security
  • Risk management

Cite this