Title :
The research of information security risk assessment method based on fault tree
Author :
Tao, Huang Xiao ; Liang, Cai ; Chi, Wu ; Qun, HuangLi
Author_Institution :
Network & Comput. Center, Huazhong Univ. of Sci. & Technol., Wuhan, China
Abstract :
Fault tree technology has been broadly used in the industry system but seldom used in the field of risk assessment for information system. In this study, by consulting the standard of BS7799, the fault tree technology is introduced to evaluate the risks of information system. Based on integrity, usability and confidentiality of information system, fault tree model for the information system is established. This model can quantitatively calculate the risk faced by the system; tree framework structure was adopted to analyze faults, which can be easily understood and programmed; Importance of every bottom faults was carefully analyzed, which offers the new model and effective implementation for the risk analysis and the searching of fault sources. In this research, an idiographic example was used to demonstrate the method and to validate the algorithms.
Keywords :
fault trees; risk management; security of data; BS7799; fault tree; information security risk assessment method; information system; risk analysis; Analytical models; Risk management; Fault tree analysis; Information security; Risk assessment;
Conference_Titel :
Networked Computing and Advanced Information Management (NCM), 2010 Sixth International Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4244-7671-8
Electronic_ISBN :
978-89-88678-26-8
