pISRA: privacy considered information security risk assessment model

Cited by: 16
Authors
Wei, Yu-Chih [1]
Wu, Wei-Chen [2]
Lai, Gu-Hsin [3]
Chu, Ya-Chi [4]
Affiliations
[1] Natl Kaohsiung Univ Sci & Technol, Dept Finance & Informat, Kaohsiung, Taiwan
[2] Hsin Sheng Jr Coll Med Care & Management, Comp Ctr, Taoyuan, Taiwan
[3] Taiwan Police Coll, Dept Technol Crime Invest, Taipei, Taiwan
[4] Chunghwa Telecom Co Ltd, Telecommun Labs, Taoyuan, Taiwan
Source
JOURNAL OF SUPERCOMPUTING | 2020 / Vol. 76 / Issue 03
Keywords
Privacy; Risk; Security; Assessment; Impact;
DOI
10.1007/s11227-018-2371-0
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
The security threats related to personally identifiable information are increasing dramatically. In addition to government agencies, large international companies are potential victims. To comply with regulations such as the European Union General Data Protection Regulation, organizations are required to carry out a privacy impact assessment. However, the conventional information security risk assessment model does not provide a clear methodology for conducting privacy impact assessments. In this paper, we propose a privacy-considered information security risk assessment (pISRA) model, which can take both a privacy impact analysis and risk assessment into consideration. Our proposed model can help risk assessors achieve a comparable and reproducible approach for the entire risk assessment process. Additionally, pISRA can assist organizations to select high-risk items for further action.
Pages: 1468 / 1481
Page count: 14
Related papers
50 in total
  • [1] pISRA: privacy considered information security risk assessment model
    Yu-Chih Wei
    Wei-Chen Wu
    Gu-Hsin Lai
    Ya-Chi Chu
    [J]. The Journal of Supercomputing, 2020, 76 : 1468 - 1481
  • [2] A New Security and Privacy Risk Assessment Model for Information System Considering Influence Relation of Risk Elements
    Wu Tianshui
    Zhao Gang
    [J]. 2014 NINTH INTERNATIONAL CONFERENCE ON BROADBAND AND WIRELESS COMPUTING, COMMUNICATION AND APPLICATIONS (BWCCA), 2014, : 233 - 238
  • [3] Information security risk assessment model for risk management
    Wawrzyniak, Dariusz
    [J]. TRUST, PRIVACY, AND SECURITY IN DIGITAL BUSINESS, PROCEEDINGS, 2006, 4083 : 21 - 30
  • [4] Risk assessment model of information security SVRAMIS
    [J]. Wu, D. (jump_wude@163.com), 2013, Science Press (40):
  • [5] A Novel Risk Assessment Model for Privacy Security in Internet of Things
    WU Tianshui
    ZHAO Gang
    [J]. Wuhan University Journal of Natural Sciences, 2014, 19 (05) : 398 - 404
  • [6] General risk assessment model for information system security
    Chi, Yue
    Zhang, Yong-Zheng
    Yun, Xiao-Chun
    [J]. Harbin Gongye Daxue Xuebao/Journal of Harbin Institute of Technology, 2005, 37 (SUPPL. 1) : 192 - 194
  • [7] Assessment Model and Method Research of Information Security Risk
    Lu Zhen
    Xiong Zhen
    Tu Keqin
    [J]. FRONTIERS OF MANUFACTURING AND DESIGN SCIENCE IV, PTS 1-5, 2014, 496-500 : 2170 - +
  • [8] A Novel Security Risk Assessment Model for Information System
    Lv, Huiying
    [J]. 2ND IEEE INTERNATIONAL CONFERENCE ON ADVANCED COMPUTER CONTROL (ICACC 2010), VOL. 4, 2010, : 282 - 287
  • [9] Confidentiality and Privacy Information Security Risk Assessment for Android-Based Mobile Devices
    Irwan
    Asnar, Yudistira
    Hendradjaya, Bayu
    [J]. 2015 INTERNATIONAL CONFERENCE ON DATA AND SOFTWARE ENGINEERING (ICODSE), 2015, : 60 - +
  • [10] Classified Information System Security Risk Assessment Model of the Research
    Peng, Chong
    Shao, Liping
    [J]. 2015 INTERNATIONAL CONFERENCE ON LOGISTICS, INFORMATICS AND SERVICE SCIENCES (LISS), 2015,