Sciweavers

ICCSA
2005
Springer

Security Risk Vector for Quantitative Asset Assessment

13 years 9 months ago
Security Risk Vector for Quantitative Asset Assessment
There are standard risk analysis methodologies like GMITS and ISO17799, but new threats and vulnerabilities appear day by day because the IT organizations, its infrastructure, and its environment are changing. Accordingly, the methodologies must evolve in step with the change. Risk analysis methods are generally composed of asset identification, vulnerability analysis, safeguard identification, risk mitigation, and safeguard implementation. As the first process, the asset identification is important because the target scope of risk analysis is defined. This paper proposes a new approach, security risk vector, for evaluating assets quantitatively. A case study is presented.
Yoon Jung Chung, In-Jung Kim, Namhoon Lee, Taek Le
Added 27 Jun 2010
Updated 27 Jun 2010
Type Conference
Year 2005
Where ICCSA
Authors Yoon Jung Chung, In-Jung Kim, Namhoon Lee, Taek Lee, Hoh Peter In
Comments (0)