A security risk analysis model for information systems

Hoh In, Young Gab Kim, Taek Lee, Chang Joo Moon, Yoonjung Jung, Injung Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

14 Citations (Scopus)

Abstract

Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.

Original languageEnglish
Title of host publicationLecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science)
EditorsD.-K. Baik
Pages505-513
Number of pages9
Volume3398
Publication statusPublished - 2005
EventThird Asian Simulation Conference, Asiasim 2004 - Jeju Island, Korea, Republic of
Duration: 2004 Oct 42004 Oct 6

Other

OtherThird Asian Simulation Conference, Asiasim 2004
CountryKorea, Republic of
CityJeju Island
Period04/10/404/10/6

Fingerprint

Risk analysis
Information systems
Security of data
Risk management

ASJC Scopus subject areas

  • Hardware and Architecture

Cite this

In, H., Kim, Y. G., Lee, T., Moon, C. J., Jung, Y., & Kim, I. (2005). A security risk analysis model for information systems. In D-K. Baik (Ed.), Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science) (Vol. 3398, pp. 505-513)

A security risk analysis model for information systems. / In, Hoh; Kim, Young Gab; Lee, Taek; Moon, Chang Joo; Jung, Yoonjung; Kim, Injung.

Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science). ed. / D.-K. Baik. Vol. 3398 2005. p. 505-513.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

In, H, Kim, YG, Lee, T, Moon, CJ, Jung, Y & Kim, I 2005, A security risk analysis model for information systems. in D-K Baik (ed.), Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science). vol. 3398, pp. 505-513, Third Asian Simulation Conference, Asiasim 2004, Jeju Island, Korea, Republic of, 04/10/4.
In H, Kim YG, Lee T, Moon CJ, Jung Y, Kim I. A security risk analysis model for information systems. In Baik D-K, editor, Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science). Vol. 3398. 2005. p. 505-513
In, Hoh ; Kim, Young Gab ; Lee, Taek ; Moon, Chang Joo ; Jung, Yoonjung ; Kim, Injung. / A security risk analysis model for information systems. Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science). editor / D.-K. Baik. Vol. 3398 2005. pp. 505-513
@inproceedings{ad1feb3769df4a1795abaa3e96532f3d,
title = "A security risk analysis model for information systems",
abstract = "Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.",
author = "Hoh In and Kim, {Young Gab} and Taek Lee and Moon, {Chang Joo} and Yoonjung Jung and Injung Kim",
year = "2005",
language = "English",
volume = "3398",
pages = "505--513",
editor = "D.-K. Baik",
booktitle = "Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science)",

}

TY - GEN

T1 - A security risk analysis model for information systems

AU - In, Hoh

AU - Kim, Young Gab

AU - Lee, Taek

AU - Moon, Chang Joo

AU - Jung, Yoonjung

AU - Kim, Injung

PY - 2005

Y1 - 2005

N2 - Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.

AB - Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.

UR - http://www.scopus.com/inward/record.url?scp=26844539351&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=26844539351&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:26844539351

VL - 3398

SP - 505

EP - 513

BT - Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science)

A2 - Baik, D.-K.

ER -