A Practical Security Risk Analysis Process and Tool for Information System

被引:0
|
作者
Chung, YoonJung [1 ]
Kim, InJung [1 ]
Lee, DoHoon [1 ]
机构
[1] Elect & Telecommun Res Inst, Daejeon, South Korea
来源
JOURNAL OF INFORMATION PROCESSING SYSTEMS | 2006年 / 2卷 / 02期
关键词
Risk Management; Asset; Threats; Vulnerability; Countermeasure;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
While conventional business administration-based information technology management methods are applied to the risk analysis of information systems, no security risk analysis techniques have been used in relation to information protection. In particular, given the rapid diffusion of information systems and the demand for information protection, it is vital to develop security risk analysis techniques. Therefore, this paper will suggest an ideal risk analysis process for information systems. To prove the usefulness of this security risk analysis process, this paper will show the results of managed, physical and technical security risk analysis that are derived from investigating and analyzing the conventional information protection items of an information system.
引用
收藏
页码:95 / 100
页数:6
相关论文
共 50 条
  • [41] Study on Business Process-based Risk Analysis of Information System
    Yu Zhiwei
    [J]. 2012 7TH INTERNATIONAL CONFERENCE ON SYSTEM OF SYSTEMS ENGINEERING (SOSE), 2012, : 779 - 783
  • [42] A Quantitative Method for Multicriteria Analysis of the Assets of a Critical System in the Management Process of Information Security
    Firoiu, Marian
    Bacivarov, Ioan C.
    [J]. QUALITY-ACCESS TO SUCCESS, 2019, 20 (173): : 138 - 144
  • [43] NeuCheck: A more practical Ethereum smart contract security analysis tool
    Lu, Ning
    Wang, Bin
    Zhang, Yongxin
    Shi, Wenbo
    Esposito, Christian
    [J]. SOFTWARE-PRACTICE & EXPERIENCE, 2021, 51 (10): : 2065 - 2084
  • [44] A Risk Management Process for Consumers: The Next Step in Information Security
    van Cleeff, Andre
    [J]. NEW SECURITY PARADIGMS WORKSHOP 2010, 2010, : 107 - 114
  • [45] Research and Implementation of Intelligent Substation Information Security Risk Assessment Tool
    Zou, Zhenwan
    Hou, Yingsa
    Yang, Huiting
    Li, Mingxuan
    Wang, Bin
    Guo, Qingrui
    [J]. PROCEEDINGS OF 2019 IEEE 8TH JOINT INTERNATIONAL INFORMATION TECHNOLOGY AND ARTIFICIAL INTELLIGENCE CONFERENCE (ITAIC 2019), 2019, : 1306 - 1310
  • [46] Application of Fuzzy Logic in the Process of Information Security Risk Assessment
    Kokles, Mojmir
    Filanova, Jana
    Korcek, Frantisek
    [J]. INNOVATION MANAGEMENT AND EDUCATION EXCELLENCE VISION 2020: FROM REGIONAL DEVELOPMENT SUSTAINABILITY TO GLOBAL ECONOMIC GROWTH, VOLS I - VI, 2016, : 1078 - 1088
  • [47] An embedded system for practical security analysis of contactless smartcards
    Kasper, Timo
    Carluccio, Dario
    Paar, Christof
    [J]. INFORMATION SECURITY THEORY AND PRACTICES: SMART CARDS, MOBILE AND UBIQUITOUS COMPUTING SYSTEMS, PROCEEDINGS, 2007, 4462 : 150 - +
  • [48] Security risk analysis for chemical process facilities
    Lemley, JR
    Fthenakis, VM
    Moskowitz, PD
    [J]. PROCESS SAFETY PROGRESS, 2003, 22 (03) : 153 - 162
  • [49] The improved risk analysis mechanism in the practical risk analysis system
    Hwang, SC
    Lee, NH
    Sakurai, K
    Park, GC
    Ryou, JC
    [J]. INFORMATION NETWORKING: CONVERGENCE IN BROADBAND AND MOBILE NETWORKING, 2005, 3391 : 835 - 842
  • [50] Information Security Risk Assessment for the Malaysian Aeronautical Information Management System
    Alwi, Alfian
    Ariffin, Khairul Akram Zainol
    [J]. PROCEEDINGS OF THE 2018 CYBER RESILIENCE CONFERENCE (CRC), 2018,
12345