Service interruption on Monday 11 July from 12:30 to 13:00: all the sites of the CCSD (HAL, EpiSciences, SciencesConf, AureHAL) will be inaccessible (network hardware connection).
Skip to Main content Skip to Navigation
Conference papers

Motivation-Based Risk Analysis Process for IT Systems

Abstract : Information security management is one of the most important issues to be resolved. The key element of this process is risk analysis. The standards are (ISO/IEC 27000, ISO/IEC 31000) based on the complex and time consuming process of defining vulnerabilities and threats for all organisation assets. In the article we present a new approach to analysing the risk of an attack on information systems. We focus on human factor - motivation, and show its relation to hacker profiles, as well as impacts. At the beginning we introduce a new model of motivation-based risk analysis. Then we describe case study illustrating our approach for a simple set of organisation processes.
Document type :
Conference papers
Complete list of metadata

Cited literature [11 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Tuesday, November 15, 2016 - 4:53:29 PM
Last modification on : Tuesday, November 15, 2016 - 5:04:53 PM
Long-term archiving on: : Thursday, March 16, 2017 - 5:25:00 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Agata Niescieruk, Bogdan Ksiezopolski. Motivation-Based Risk Analysis Process for IT Systems. 2nd Information and Communication Technology - EurAsia Conference (ICT-EurAsia), Apr 2014, Bali, Indonesia. pp.446-455, ⟨10.1007/978-3-642-55032-4_45⟩. ⟨hal-01397337⟩



Record views


Files downloads