A Security Risk Analysis Model for Information Systems

Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative...

Full description

Saved in:
Bibliographic Details
Published inSystems Modeling and Simulation: Theory and Applications pp. 505 - 513
Main Authors In, Hoh Peter, Kim, Young-Gab, Lee, Taek, Moon, Chang-Joo, Jung, Yoonjung, Kim, Injung
Format Book Chapter
LanguageEnglish
Published Berlin, Heidelberg Springer Berlin Heidelberg 2005
SeriesLecture Notes in Computer Science
Subjects
Information Security
Risk Mitigation
Security Risk
Threat Model
Vulnerability Model
Online AccessGet full text
ISBN3540244778
9783540244776
ISSN0302-9743
1611-3349
DOI10.1007/978-3-540-30585-9_56

Cover

More Information
Summary:Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.
ISBN:3540244778
9783540244776
ISSN:0302-9743
1611-3349
DOI:10.1007/978-3-540-30585-9_56