THE MEAN FAILURE COST CYBERSECURITY MODEL TOWARD SECURITY MEASURES AND ASSOCIATED MECHANISMS

This paper presents results of the quantification of security threats of e-learning system using an economic measure abridged by MFC (Mean Failure Cost). We study means to optimize this measure and to make it more precise, more useful in practice. First we develop basic security requirements taxonomy adapted to all context and systems because security requirements lacks a clear basic taxonomy. Then our hierarchical model is used to enrich the first matrix (stake matrix) of the MFC cyber security measure. The stake matrix defines the list of systema€ s stakeholders and the list of security requirements, it is used to express each cell in dollar monetary terms, it represents loss incurred and/or premium placed on requirement. Then we present a survey of known relationships among security sub-factors and measures as well as common mechanisms. Also we provide a control of the MFC using a classification of security measures. This information is useful in the design of decisions to requirements.