• DocumentCode
    2228524
  • Title

    A Novel Security Risk Assessment Method of Enterprise Information System Based on the Correlation of Equipments

  • Author

    Liu, Yong ; Lin, Qi ; Meng, Kun ; Tian, Zhi Min

  • Author_Institution
    Northeastern Univ., Shenyang, China
  • fYear
    2009
  • fDate
    26-28 Dec. 2009
  • Firstpage
    1569
  • Lastpage
    1572
  • Abstract
    Many risk assessment approaches evaluate the security by considering the status of equipments in the system separately, while the infrastructure of the system, which also has impact on assessing the system risk, is not taken into consideration properly. In this paper we propose a novel risk assessment method which considers the correlation of the equipments in the evaluated system. Where the risk of every equipment is divided into the individual one and the impact of other equipments. By setting vulnerability-threat conjunction matrix of the equipments, we give an approach which is facilitate to calculate the impact of other equipments. In the end of the paper, we propose an example to explain the correctness and efficiency of the proposed method.
  • Keywords
    business data processing; graph theory; matrix algebra; risk management; security of data; enterprise information system; equipment correlation; security risk assessment; vulnerability-threat conjunction matrix; Computer errors; Computer industry; Computer networks; Computer science; Computer security; Information science; Information security; Information systems; Risk management; Standards organizations;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Science and Engineering (ICISE), 2009 1st International Conference on
  • Conference_Location
    Nanjing
  • Print_ISBN
    978-1-4244-4909-5
  • Type

    conf

  • DOI
    10.1109/ICISE.2009.124
  • Filename
    5455357
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2228524