How to Assess Confidentiality Requirements of Corporate Assets? - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2014

How to Assess Confidentiality Requirements of Corporate Assets?

Résumé

Confidentiality is an important property that organizations relying on information technology have to preserve. The purpose of this work is to provide a structured approach for identifying confidentiality requirements. A key step in the information security risk management process is the determination of the impact level arisen from a loss of confidentiality, integrity or availability. We deal here with impact level determination regarding confidentiality by proposing a method to calculate impact levels based on the different kind of consequences typically arisen from threats. The proposed approach assesses the impact arisen from confidentiality losses on different areas separately and uses a parameterized model that allows organizations to adjust it according to their specific needs. A validation of the developed approach has been conducted in a small software development company.
Fichier principal
Vignette du fichier
978-3-642-55415-5_19_Chapter.pdf (4 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01370369 , version 1 (22-09-2016)

Licence

Paternité

Identifiants

Citer

Gabriela Varona Cervantes, Stefan Fenz. How to Assess Confidentiality Requirements of Corporate Assets?. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakech, Morocco. pp.234-241, ⟨10.1007/978-3-642-55415-5_19⟩. ⟨hal-01370369⟩
81 Consultations
707 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More