A security risk analysis model for information systems

Hoh In; Young Gab Kim; Taek Lee; Chang Joo Moon; Yoonjung Jung; Injung Kim

A security risk analysis model for information systems

Hoh In, Young Gab Kim, Taek Lee, Chang Joo Moon, Yoonjung Jung, Injung Kim

Department of Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

14 Citations (Scopus)

Abstract

Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.

Original language	English
Title of host publication	Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science)
Editors	D.-K. Baik
Pages	505-513
Number of pages	9
Volume	3398
Publication status	Published - 2005
Event	Third Asian Simulation Conference, Asiasim 2004 - Jeju Island, Korea, Republic of Duration: 2004 Oct 4 → 2004 Oct 6

Other

Other	Third Asian Simulation Conference, Asiasim 2004
Country	Korea, Republic of
City	Jeju Island
Period	04/10/4 → 04/10/6

Fingerprint

Risk analysis

Information systems

Security of data

Risk management

ASJC Scopus subject areas

Hardware and Architecture

Cite this

In, H., Kim, Y. G., Lee, T., Moon, C. J., Jung, Y., & Kim, I. (2005). A security risk analysis model for information systems. In D-K. Baik (Ed.), Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science) (Vol. 3398, pp. 505-513)

A security risk analysis model for information systems. / In, Hoh; Kim, Young Gab; Lee, Taek; Moon, Chang Joo; Jung, Yoonjung; Kim, Injung.

Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science). ed. / D.-K. Baik. Vol. 3398 2005. p. 505-513.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

In, H, Kim, YG, Lee, T, Moon, CJ, Jung, Y & Kim, I 2005, A security risk analysis model for information systems. in D-K Baik (ed.), Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science). vol. 3398, pp. 505-513, Third Asian Simulation Conference, Asiasim 2004, Jeju Island, Korea, Republic of, 04/10/4.

In H, Kim YG, Lee T, Moon CJ, Jung Y, Kim I. A security risk analysis model for information systems. In Baik D-K, editor, Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science). Vol. 3398. 2005. p. 505-513

In, Hoh ; Kim, Young Gab ; Lee, Taek ; Moon, Chang Joo ; Jung, Yoonjung ; Kim, Injung. / A security risk analysis model for information systems. Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science). editor / D.-K. Baik. Vol. 3398 2005. pp. 505-513

@inproceedings{ad1feb3769df4a1795abaa3e96532f3d,

title = "A security risk analysis model for information systems",

abstract = "Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.",

author = "Hoh In and Kim, {Young Gab} and Taek Lee and Moon, {Chang Joo} and Yoonjung Jung and Injung Kim",

year = "2005",

language = "English",

volume = "3398",

pages = "505--513",

editor = "D.-K. Baik",

booktitle = "Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science)",

}

TY - GEN

T1 - A security risk analysis model for information systems

AU - In, Hoh

AU - Kim, Young Gab

AU - Lee, Taek

AU - Moon, Chang Joo

AU - Jung, Yoonjung

AU - Kim, Injung

PY - 2005

Y1 - 2005

N2 - Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.

AB - Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.

UR - http://www.scopus.com/inward/record.url?scp=26844539351&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=26844539351&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:26844539351

VL - 3398

SP - 505

EP - 513

BT - Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science)

A2 - Baik, D.-K.

ER -

A security risk analysis model for information systems

Abstract

Other

Fingerprint

ASJC Scopus subject areas

Cite this

Access to Document