An Information Security Risk Management Algorithm Based on Risk Propagation in Energy Internet

被引：0

作者：

Qiao Hong ^{[1
]}

Tian Jiawei ^{[1
]}

Tian Zheng ^{[1
]}

Qi Wenhui ^{[1
]}

Liu Chun ^{[1
]}

Li Xi ^{[1
]}

Zhu Hongyu ^{[1
]}

机构：

[1] State Grid Hunan Elect Power Corp Res Inst, Changsha 410007, Hunan, Peoples R China

来源：

2017 IEEE CONFERENCE ON ENERGY INTERNET AND ENERGY SYSTEM INTEGRATION (EI2) | 2017年

关键词：

information security risk assessment; propagation effect; partitions; Dependency Structure Matrix;

D O I：

暂无

中图分类号：

TE [石油、天然气工业]; TK [能源与动力工程];

学科分类号：

0807 ; 0820 ;

摘要：

Traditional information Security Risk Assessment algorithms are mainly used for evaluating small scale of information system, not suitable for massive information systems in Energy Internet. To solve the problem, this paper proposes an Information Security Risk Algorithm based on Dynamic Risk Propagation (ISRADRP). ISRADRP firstly divides information systems in the Energy Internet into different partitions according to their logical network location. Then, ISRADRP computes each partition's risk value without considering threat propagation effect via RM algorithm. Furthermore, ISRADRP calculates inside and outside propagation risk value for each partition according to Dependency Structure Matrix. Finally, the security bottleneck of systems will be identified and the overall risk value of information system will be obtained.

引用

页数：6

共 50 条

[1] Determining Information Security Threats for an IoT-Based Energy Internet by Adopting Software Engineering and Risk Management Approaches
Chen, Yu-Tso
Huang, Chuang-Chiao
[J]. INVENTIONS, 2019, 4 (03)
[2] The Information Security Risk Management
Semin, Valeriy G.
Shmakova, Elena G.
Los, Lexei B.
[J]. PROCEEDINGS OF THE 2017 INTERNATIONAL CONFERENCE QUALITY MANAGEMENT,TRANSPORT AND INFORMATION SECURITY, INFORMATION TECHNOLOGIES (IT&QM&IS), 2017, : 106 - 109
[3] Information security and risk management
Bodin, Lawrence D.
Gordon, Lawrence A.
Loeb, Martin P.
[J]. COMMUNICATIONS OF THE ACM, 2008, 51 (04) : 64 - 68
[4] Statistics Based Information Security Risk Management Methodology
Saluja, Upasna
Idris, Dato Norbik Bashah
[J]. INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2015, 15 (10): : 117 - 123
[5] Enterprise Risk Management and Information Systems Security Risk
Olson, David L.
Wu, Desheng
[J]. PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON RISK MANAGEMENT & GLOBAL E-BUSINESS, VOLS I AND II, 2009, : 1 - 5
[6] Information security risk assessment model for risk management
Wawrzyniak, Dariusz
[J]. TRUST, PRIVACY, AND SECURITY IN DIGITAL BUSINESS, PROCEEDINGS, 2006, 4083 : 21 - 30
[7] Risk assessment of complex information system security based on threat propagation
[J]. Shi, Z. (shizz@ics.ict.ac.cn), 1600, Tsinghua University (54):
[8] Overview of Information Security Management-Based on Enterprise Risk Management
She, Jing-Huai
Zhang, Run-Qiang
She, Yuan
Hou, Bing-Xin
[J]. INTERNATIONAL CONFERENCE ON COMPUTER NETWORKS AND INFORMATION SECURITY (CNIS 2015), 2015, : 384 - 387
[9] Security through Information Risk Management
Johnson, M. Eric
Goetz, Eric
Pfleeger, Shari Lawrence
[J]. IEEE SECURITY & PRIVACY, 2009, 7 (03) : 45 - 52
[10] A Research on Information Value in Energy Internet Based on Risk Theory
Tan, Shengmin
Jiang, Chuanwen
He, Yang
[J]. 2017 IEEE CONFERENCE ON ENERGY INTERNET AND ENERGY SYSTEM INTEGRATION (EI2), 2017,

← 1 2 3 4 5 →