A security risk analysis model for information systems

Hoh Peter In, Young Gab Kim, Taek Lee, Chang Joo Moon, Yoonjung Jung, Injung Kim

Research output: Contribution to journalConference articlepeer-review

19 Citations (Scopus)


Information security is a crucial technique for an organization to survive in these days. However, there is no integrated model to assess the security risk quantitatively and optimize its resources to protect organization information and assets effectively. In this paper, an integrated, quantitative risk analysis model is proposed including asset, threat and vulnerability evaluations by adapting software risk management techniques. It is expected to analyze security risk effectively and optimize resources to mitigate the risk.

Original languageEnglish
Pages (from-to)505-513
Number of pages9
JournalLecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science)
Publication statusPublished - 2005
EventThird Asian Simulation Conference, Asiasim 2004 - Jeju Island, Korea, Republic of
Duration: 2004 Oct 42004 Oct 6

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'A security risk analysis model for information systems'. Together they form a unique fingerprint.

Cite this