Quantitative risk analysis and evaluation in information systems: A case study

Young G. Kim, Jong In Lim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Citations (Scopus)

Abstract

The rapid growth of the Internet technology has encouraged organizations to protect their information assets. Furthermore, the need for risk analysis has become very important for organizations. However, the existing risk analysis just presents the guidelines that can be used to determine the security measures but do not support how to evaluate the risks quantitatively. Therefore, in this paper, the quantitative risk evaluation model based on the Markov process, especially for the case of interrelated threats, is proposed. In addition, in order to analyze the relationship between threats, the basic analysis method using the covariance and the correlation coefficient is presented.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Pages1040-1047
Number of pages8
Volume4489 LNCS
EditionPART 3
Publication statusPublished - 2007 Dec 1
Event7th International Conference on Computational Science, ICCS 2007 - Beijing, China
Duration: 2007 May 272007 May 30

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
NumberPART 3
Volume4489 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other7th International Conference on Computational Science, ICCS 2007
CountryChina
CityBeijing
Period07/5/2707/5/30

ASJC Scopus subject areas

  • Biochemistry, Genetics and Molecular Biology(all)
  • Computer Science(all)
  • Theoretical Computer Science

Fingerprint Dive into the research topics of 'Quantitative risk analysis and evaluation in information systems: A case study'. Together they form a unique fingerprint.

  • Cite this

    Kim, Y. G., & Lim, J. I. (2007). Quantitative risk analysis and evaluation in information systems: A case study. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (PART 3 ed., Vol. 4489 LNCS, pp. 1040-1047). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4489 LNCS, No. PART 3).