Assets Dependencies Model in Information Security Risk Management

Abstract : Information security risk management is a fundamental process conducted for the purpose of securing information assets in an organization. It usually involves asset identification and valuation, threat analysis, risk analysis and implementation of countermeasures. A correct asset valuation is a basis for accurate risk analysis, but there is a lack of works describing the valuation process with respect to dependencies among assets. In this work we propose a method for inspecting asset dependencies, based on common security attributes - confidentiality, integrity and availability. Our method should bring more detailed outputs from the risk analysis and therefore make this process more objective.
Complete list of metadatas

Cited literature [8 references]  Display  Hide  Download

https://hal.inria.fr/hal-01397241
Contributor : Hal Ifip <>
Submitted on : Tuesday, November 15, 2016 - 3:52:50 PM
Last modification on : Wednesday, November 16, 2016 - 1:04:11 AM
Long-term archiving on: Thursday, March 16, 2017 - 5:36:57 PM

File

978-3-642-55032-4_40_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Jakub Breier, Frank Schindler. Assets Dependencies Model in Information Security Risk Management. 2nd Information and Communication Technology - EurAsia Conference (ICT-EurAsia), Apr 2014, Bali, Indonesia. pp.405-412, ⟨10.1007/978-3-642-55032-4_40⟩. ⟨hal-01397241⟩

Share

Metrics

Record views

110

Files downloads

277