Security risk vector for quantitative asset assessment

Yoon Jung Chung, In Jung Kim, Nam Hoon Lee, Taek Lee, Hoh Peter In

Research output: Contribution to journalConference articlepeer-review

1 Citation (Scopus)

Abstract

There are standard risk analysis methodologies like GMITS and ISO17799, but new threats and vulnerabilities appear day by day because the IT organizations, its infrastructure, and its environment are changing. Accordingly, the methodologies must evolve in step with the change. Risk analysis methods are generally composed of asset identification, vulnerability analysis, safeguard identification, risk mitigation, and safeguard implementation. As the first process, the asset identification is important because the target scope of risk analysis is defined. This paper proposes a new approach, security risk vector, for evaluating assets quantitatively. A case study is presented.

Original languageEnglish
Pages (from-to)274-283
Number of pages10
JournalLecture Notes in Computer Science
Volume3481
Issue numberII
DOIs
Publication statusPublished - 2005
EventInternational Conference on Computational Science and Its Applications - ICCSA 2005 - , Singapore
Duration: 2005 May 92005 May 12

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Security risk vector for quantitative asset assessment'. Together they form a unique fingerprint.

Cite this