Obiekt

Tytuł: A new lightweight method for security risk assessment based on fuzzy cognitive maps

Autor:

Szwed, Piotr ; Skrzyński, Paweł

Data wydania:

2014

Typ zasobu:

artykuł

Współtwórca:

Kowal, Marek - red. ; Korbicz, Józef (1951- ) - red.

Podtytuł:

.

Tytuł publikacji grupowej:

AMCS, Volume 24 (2014)

Abstract:

For contemporary software systems, security is considered to be a key quality factor and the analysis of IT security risk becomes an indispensable stage during software deployment. However, performing risk assessment according to methodologies and standards issued for the public sector or large institutions can be too costly and time consuming. ; Current business practice tends to circumvent risk assessment by defining sets of standard safeguards and applying them to all developed systems. This leads to a substantial gap: threats are not re-evaluated for particular systems and the selection of security functions is not based on risk models. This paper discusses a new lightweight risk assessment method aimed at filling this gap. ; In this proposal, Fuzzy Cognitive Maps (FCMs) are used to capture dependencies between assets, and FCM-based reasoning is performed to calculate risks. An application of the method is studied using an example of an e-health system providing remote telemonitoring, data storage and teleconsultation services. Lessons learned indicate that the proposed method is an efficient and low-cost approach, giving instantaneous feedback and enabling reasoning on the effectiveness of the security system.

Wydawca:

Zielona Góra: Uniwersytet Zielonogórski

Identyfikator zasobu:

oai:zbc.uz.zgora.pl:78926

DOI:

10.2478/amcs-2014-0016

Strony:

213-225

Źródło:

AMCS, volume 24, number 1 (2014) ; kliknij tutaj, żeby przejść

Jezyk:

eng

Prawa do dysponowania publikacją:

Biblioteka Uniwersytetu Zielonogórskiego

Obiekty

Podobne

Ta strona wykorzystuje pliki 'cookies'. Więcej informacji