Abstract
Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.
| Original language | English |
|---|---|
| Pages (from-to) | 505-513 |
| Number of pages | 9 |
| Journal | Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science) |
| Volume | 3398 |
| DOIs | |
| Publication status | Published - 2005 |
| Event | Third Asian Simulation Conference, Asiasim 2004 - Jeju Island, Korea, Republic of Duration: 2004 Oct 4 → 2004 Oct 6 |
ASJC Scopus subject areas
- Theoretical Computer Science
- Computer Science(all)