Attack tree based information security risk assessment method integrating enterprise objectives with vulnerabilities
المؤلفون المشاركون
المصدر
The International Arab Journal of Information Technology
العدد
المجلد 10، العدد 3 (31 مايو/أيار 2013)8ص.
الناشر
تاريخ النشر
2013-05-31
دولة النشر
الأردن
عدد الصفحات
8
التخصصات الرئيسية
الموضوعات
الملخص EN
In order to perform the analysis and mitigation efforts related with the Information Security risks there exists quantitative and qualitative approaches, but the most critical shortcoming of these methods is the fact that the outcome mainly addresses the needs and priorities of the technical community rather than the management.
For the enterprise management, this information is essentially required as a decision making aid for the asset allocation and the prioritization of mitigation efforts.
So ideally the outcome of an information security risk method must be in synchronization with the enterprise objectives to act as a useful decision tool for the management.
Also in the modelling of the threat domain, attack trees are frequently utilized.
However the execution of attack tree modelling is costly from the effort and timing requirements and also has inherent scalability issues.
So within this article our design-science research based work on an information security risk assessment method that addresses these two issues of enterprise objective inclusion and model scalability will be outlined.
نمط استشهاد جمعية علماء النفس الأمريكية (APA)
Karabey, Bugra& Baykal, Nazife. 2013. Attack tree based information security risk assessment method integrating enterprise objectives with vulnerabilities. The International Arab Journal of Information Technology،Vol. 10, no. 3.
https://search.emarefa.net/detail/BIM-311920
نمط استشهاد الجمعية الأمريكية للغات الحديثة (MLA)
Karabey, Bugra& Baykal, Nazife. Attack tree based information security risk assessment method integrating enterprise objectives with vulnerabilities. The International Arab Journal of Information Technology Vol. 10, no. 3 (May. 2013).
https://search.emarefa.net/detail/BIM-311920
نمط استشهاد الجمعية الطبية الأمريكية (AMA)
Karabey, Bugra& Baykal, Nazife. Attack tree based information security risk assessment method integrating enterprise objectives with vulnerabilities. The International Arab Journal of Information Technology. 2013. Vol. 10, no. 3.
https://search.emarefa.net/detail/BIM-311920
نوع البيانات
مقالات
لغة النص
الإنجليزية
الملاحظات
Includes bibliographical references.
رقم السجل
BIM-311920
قاعدة معامل التأثير والاستشهادات المرجعية العربي "ارسيف Arcif"
أضخم قاعدة بيانات عربية للاستشهادات المرجعية للمجلات العلمية المحكمة الصادرة في العالم العربي
تقوم هذه الخدمة بالتحقق من التشابه أو الانتحال في الأبحاث والمقالات العلمية والأطروحات الجامعية والكتب والأبحاث باللغة العربية، وتحديد درجة التشابه أو أصالة الأعمال البحثية وحماية ملكيتها الفكرية. تعرف اكثر