A Quantitative Method for Multicriteria Analysis of the Assets of a Critical System in the Management Process of Information Security

被引:0
|
作者
Firoiu, Marian [1 ]
Bacivarov, Ioan C. [1 ]
机构
[1] Univ Politehn Bucuresti, Bucharest, Romania
来源
QUALITY-ACCESS TO SUCCESS | 2019年 / 20卷 / 173期
关键词
information security; critical system; multicriteria analysis; critical asset; TOPSIS method; normalization; weight;
D O I
暂无
中图分类号
C93 [管理学];
学科分类号
12 ; 1201 ; 1202 ; 120202 ;
摘要
The selection of an optimal solution for the identification of the critical assets is a rather complex process, as all the valuable assets of an organization have to be identified, classified and quantified under a common approach, within the risk management process. The paper proposes a quantitative method for the identification of critical assets/services within information security assessment and analysis process which is based on multi-criteria analysis. The aim of this paper is to present a more objective method for the assessment, ranking and quantification of critical assets/services through the analysis of predefined criteria using TOPSIS method. The authors consider that by using this method we can take better decisions in ranking critical assets/services.
引用
收藏
页码:138 / 144
页数:7
相关论文
共 50 条
  • [41] IMPLEMENTATION OF INFORMATION SECURITY MANAGEMENT SYSTEM
    Drastich, Martin
    PROCEEDINGS OF THE 10TH INTERNATIONAL SCIENTIFIC CONFERENCE: ECONOMIC POLICY IN THE EUROPEAN UNION MEMBER COUNTRIES: SELECTED PAPERS, 2013, : 49 - 55
  • [42] Security of Tax Management Information System
    Yan, Bo
    Chen, Yiyun
    Huang, Guangwen
    2009 INTERNATIONAL CONFERENCE ON E-BUSINESS AND INFORMATION SYSTEM SECURITY, VOLS 1 AND 2, 2009, : 1162 - 1165
  • [43] A Quantitative Model for Information-Security Risk Management
    Bojanc, Rok
    Jerman-Blazic, Borka
    ENGINEERING MANAGEMENT JOURNAL, 2013, 25 (02) : 25 - 37
  • [44] Quantitative Information Security Vulnerability Assessment for Norwegian Critical Infrastructure
    Liao, Yi-Ching
    CRITICAL INFORMATION INFRASTRUCTURES SECURITY, CRITIS 2020, 2020, 12332 : 31 - 43
  • [45] Information security analysis system
    计算机安全, 2003, (05) : 77 - 77
  • [46] Critical Information Infrastructures Management System and Security Issues Focusing on the Public Administrative Sector
    Heo, Jun
    Yi, Wan Suk
    SERVICE COMPUTATION 2010: THE SECOND INTERNATIONAL CONFERENCES ON ADVANCED SERVICE COMPUTING, 2010, : 179 - 183
  • [47] Advanced approach to information security management system utilizing maturity models in critical infrastructure
    You, Youngin
    Oh, Junhyoung
    Kim, Sooheon
    Lee, Kyungho
    KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, 2018, 12 (10): : 4995 - 5014
  • [48] Information Security Risk Management in Critical Informative Systems
    Kiran, K. V. D.
    Reddy, L. S. S.
    Kumar, Velagapudi Pavan
    Dheeraj, Kalluri Krishna Sai
    2014 CONFERENCE ON IT IN BUSINESS, INDUSTRY AND GOVERNMENT (CSIBIG), 2014,
  • [49] A Comparison between Business Process Management and Information Security Management
    Wangen, Gaute
    Snekkenes, Einar Arthur
    FEDERATED CONFERENCE ON COMPUTER SCIENCE AND INFORMATION SYSTEMS, 2014, 2014, 2 : 901 - 910
  • [50] A labor times estimation method for the information security audit by quantitative analysis i and regressive analysis
    Satoh, Naoki
    Satoh, N. (nsatoh@center.wakayama-u.ac.jp), 1855, Institute of Electrical Engineers of Japan (132): : 1855 - 1859
12345