Assets dependencies model in information security risk management
Information security risk management is a fundamental process conducted for the purpose of securing information assets in an organization. It usually involves asset identification and valuation, threat analysis, risk analysis and implementation of countermeasures. A correct asset valuation is a basi...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Conference Paper |
| Language: | English |
| Published: |
2014
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/101667 http://hdl.handle.net/10220/23935 |
| _version_ | 1811692060938338304 |
|---|---|
| author | Jakub, Breier Frank, Schindler |
| author2 | Linawati, |
| author_facet | Linawati, Jakub, Breier Frank, Schindler |
| author_sort | Jakub, Breier |
| collection | NTU |
| description | Information security risk management is a fundamental process conducted for the purpose of securing information assets in an organization. It usually involves asset identification and valuation, threat analysis, risk analysis and implementation of countermeasures. A correct asset valuation is a basis for accurate risk analysis, but there is a lack of works describing the valuation process with respect to dependencies among assets. In this work we propose a method for inspecting asset dependencies, based on common security attributes - confidentiality, integrity and availability. Our method should bring more detailed outputs from the risk analysis and therefore make this process more objective. |
| first_indexed | 2024-10-01T06:29:47Z |
| format | Conference Paper |
| id | ntu-10356/101667 |
| institution | Nanyang Technological University |
| language | English |
| last_indexed | 2024-10-01T06:29:47Z |
| publishDate | 2014 |
| record_format | dspace |
| spelling | ntu-10356/1016672020-03-07T12:31:20Z Assets dependencies model in information security risk management Jakub, Breier Frank, Schindler Linawati, Mahendra, Made Sudiana Neuhold, Erich J. Tjoa, A Min You, Ilsun School of Physical and Mathematical Sciences Proceedings on IFIP TC5/8 International Conference, ICT-EurAsia (2nd : 2014 : Bali, Indonesia) Temasek Laboratories DRNTU::Science::Physics Information security risk management is a fundamental process conducted for the purpose of securing information assets in an organization. It usually involves asset identification and valuation, threat analysis, risk analysis and implementation of countermeasures. A correct asset valuation is a basis for accurate risk analysis, but there is a lack of works describing the valuation process with respect to dependencies among assets. In this work we propose a method for inspecting asset dependencies, based on common security attributes - confidentiality, integrity and availability. Our method should bring more detailed outputs from the risk analysis and therefore make this process more objective. 2014-10-01T04:23:30Z 2019-12-06T20:42:31Z 2014-10-01T04:23:30Z 2019-12-06T20:42:31Z 2014 2014 Conference Paper Jakub, B., & Frank, S. (2014). Assets dependencies model in information security risk management. Proceedings IFIP TC5/8 International Conference, ICT-EurAsia. Information and communication technology. Lecture notes in computer science 8407, 405-412. https://hdl.handle.net/10356/101667 http://hdl.handle.net/10220/23935 10.1007/978-3-642-55032-4 179055 en © 2014 IFIP International Federation for Information Processing |
| spellingShingle | DRNTU::Science::Physics Jakub, Breier Frank, Schindler Assets dependencies model in information security risk management |
| title | Assets dependencies model in information security risk management |
| title_full | Assets dependencies model in information security risk management |
| title_fullStr | Assets dependencies model in information security risk management |
| title_full_unstemmed | Assets dependencies model in information security risk management |
| title_short | Assets dependencies model in information security risk management |
| title_sort | assets dependencies model in information security risk management |
| topic | DRNTU::Science::Physics |
| url | https://hdl.handle.net/10356/101667 http://hdl.handle.net/10220/23935 |
| work_keys_str_mv | AT jakubbreier assetsdependenciesmodelininformationsecurityriskmanagement AT frankschindler assetsdependenciesmodelininformationsecurityriskmanagement |