A Practical Security Risk Analysis Process and Tool for Information System

被引：0

作者：

Chung, YoonJung ^{[1
]}

Kim, InJung ^{[1
]}

Lee, DoHoon ^{[1
]}

机构：

[1] Elect & Telecommun Res Inst, Daejeon, South Korea

来源：

JOURNAL OF INFORMATION PROCESSING SYSTEMS | 2006年 / 2卷 / 02期

关键词：

Risk Management; Asset; Threats; Vulnerability; Countermeasure;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

While conventional business administration-based information technology management methods are applied to the risk analysis of information systems, no security risk analysis techniques have been used in relation to information protection. In particular, given the rapid diffusion of information systems and the demand for information protection, it is vital to develop security risk analysis techniques. Therefore, this paper will suggest an ideal risk analysis process for information systems. To prove the usefulness of this security risk analysis process, this paper will show the results of managed, physical and technical security risk analysis that are derived from investigating and analyzing the conventional information protection items of an information system.

引用

页码：95 / 100

页数：6

共 50 条

[1] Fuzzy tool for conducting information security risk analysis
Bartos, Jiri
Walek, Bogdan
Klimes, Cyril
Farana, Radim
[J]. 2014 15TH INTERNATIONAL CARPATHIAN CONTROL CONFERENCE (ICCC), 2014, : 28 - 33
[2] Comprehensive analysis of the security risk of information system
Song, Rushun
[J]. Jisuanji Gongcheng/Computer Engineering, 2000, 26 (12): : 33 - 34
[3] System Dynamics as a Tool for Information Security
Qian, Ying
Fang, Yulin
Gonzalez, Jose J.
[J]. PROCEEDINGS OF 2009 CONFERENCE ON SYSTEMS SCIENCE, MANAGEMENT SCIENCE & SYSTEM DYNAMICS, VOL 5, 2009, : 147 - 155
[4] Study on security risk evaluation model, process and tools of information system
Zheng, Pei
Lai, KinKeung
Zhang, Yirong
[J]. PROCEEDINGS OF THE 2008 INTERNATIONAL CONFERENCE ON E-RISK MANAGEMENT (ICERM 2008), 2008, : 47 - +
[5] A framework and tool for the assessment of information security risk, the reduction of information security cost and the sustainability of information security culture
Govender S.G.
Kritzinger E.
Loock M.
[J]. Personal and Ubiquitous Computing, 2021, 25 (05) : 927 - 940
[6] Modifications of the Formal Risk Analysis and Assessment for the Information System Security
El Fray, Imed
Wilinski, Artur
[J]. ADVANCES IN SCIENCE AND TECHNOLOGY-RESEARCH JOURNAL, 2024, 18 (02) : 317 - 332
[7] A Collaborative Process Based Risk Analysis for Information Security Management Systems
Karabacak, Bilge
Ozkan, Sevgi
[J]. PROCEEDINGS OF THE 5TH INTERNATIONAL CONFERENCE ON INFORMATION WARFARE AND SECURITY, 2010, : 182 - 192
[8] Risk Analysis of Information System Security Based on the Evidence Distance
LingHu, Jinhua
Pan, Ping
Du, Yaoyao
[J]. PROCEEDINGS OF THE 11TH INTERNATIONAL CONFERENCE ON MODELLING, IDENTIFICATION AND CONTROL (ICMIC2019), 2020, 582 : 347 - 358
[9] Information Security Risk Analysis of Intelligent Terminals in Electricity Information Collection System
Li Tong
Sun Heyang
Yang Chao
Ren Shuai
Wang Gang
Song Jinliang
Jiang Xue
[J]. PROCEEDINGS OF ACM TURING AWARD CELEBRATION CONFERENCE, ACM TURC 2021, 2021, : 98 - 103
[10] Practical Vulnerability-Information-Sharing Architecture for Automotive Security-Risk Analysis
Lee, Yousik
Woo, Samuel
Song, Yunkeun
Lee, Jungho
Lee, Dong Hoon
[J]. IEEE ACCESS, 2020, 8 : 120009 - 120018

← 1 2 3 4 5 →