Technical Reports
HPL-2008-195
Click here for full text:
TCO-aware provisioning of information security infrastructure
Stephenson, Bryan
HP Laboratories
HPL-2008-195
Keyword(s): TCO automated security infrastructure provisioning
Abstract: As IT infrastructure proliferates, higher-level security controls must become interpretable and enforceable by machines, largely without human intervention. We establish a single provisioning model and process for addressing security and the Total Cost of Ownership (TCO). The innovation is the combination of these two aspects of provisioning hosted software in the same process and model. Provisions are made for comparing alternatives and justifying design and mechanism-selection decisions, based on their impact on the TCO of the system being protected. While TCO calculations may be estimations and qualitative, quantitative arguments can still be incorporated to validate all security infrastructure provisioning decisions made with respect to both security and TCO.
20 Pages
External Posting Date: November 21, 2008 [Fulltext]. Approved for External Publication
Internal Posting Date: November 21, 2008 [Fulltext]