How Stakeholders Perceived Security Risks? A New Predictive Functional Level Model and its Application to E-Learning

Abstract

A new predictive functional level security risk management model is proposed in order to quantify the security level perception and the level of risk involved. It helps in defining the assets, measuring economically the risk, managing the risk toward decisions making. It is out of implementation and based on a functional level architecture. The paper defines a simple predictive model, it relies on a few number of inputs which form the system’s security specifications and provides one output which is the average loss per unit of time ($/H) incurred by a stakeholder as a result of security threats. The obtained values represent how stakeholders perceived economically security risks and predict how it will change over time to implement in advance the needed security strategies. Our model is useful in any security context. We report it in practice originally to the level of e-Learning systems for current architectures because they lack a common measurable value and evidence of cyber security. Our model assists security experts from the early phases of system’s development to implement future safe and secure platforms.