Risk assessment model for TPCM based on threat analysis

Author

Wang, Dan ; Wu, Yi

Author_Institution

Coll. of Comput. Sci., Beijing Univ. of Technol., Beijing, China

fYear

2011

fDate

27-29 June 2011

Firstpage

3540

Lastpage

3543

Abstract

TPCM is an essential part for a trusted computer. How to test and evaluate whether the trusted function can execute in a trusted computer is very significant. A risk assessment model for TPCM based on threat analysis is proposed, which considers comprehensively the essential factors of the information security risk assessment, including the asset, threat and vulnerability of TPCM. The risk computation model is built through analyzing the threat identify, threat consequence attribute and threat index. The risk can be given through the computation of possibility of the threat and their consequence attributes with different weights. By applying the security risk assessment into TPCM, the effectiveness and measurability of the risk assessment process can be improved, which also provides a new approach for the test of the TPCM.

Keywords

risk management; security of data; information security risk assessment; risk assessment model; risk computation model; threat analysis; threat consequence attribute analysis; threat identify analysis; threat index analysis; trusted computer; trusted platform module; Analytical models; Computational modeling; Computers; Information security; Risk management; Testing; TPCM; risk assessment; threat consequence attribute; threat identify;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Science and Service System (CSSS), 2011 International Conference on

Conference_Location

Nanjing

Print_ISBN

978-1-4244-9762-1

Type

conf

DOI

10.1109/CSSS.2011.5974873

Filename

5974873