A Survey on the Evolution of Risk Evaluation for Information Systems Security

被引：9

作者：

Yu Zhiwei ^{[1
]}

Ji Zhongyuan ^{[2
]}

机构：

[1] Zhejiang Univ, Ningbo Inst Technol, Ningbo, Zhejiang, Peoples R China

[2] Lishui Univ, Lishui, Peoples R China

来源：

2012 INTERNATIONAL CONFERENCE ON FUTURE ELECTRICAL POWER AND ENERGY SYSTEM, PT B | 2012年 / 17卷

关键词：

information systems; information systems security; risk evaluation; business processes-oriented; MANAGEMENT;

D O I：

10.1016/j.egypro.2012.02.240

中图分类号：

TE [石油、天然气工业]; TK [能源与动力工程];

学科分类号：

0807 ; 0820 ;

摘要：

In order to study the risk evaluation of the information systems security effectively and the laws of the developments of risk evaluation, we have made a detailed analysis from the purpose, the objective, the process methodology of risk evaluation according to the role, the structure and the environment of information system. The tendency of risk evaluation is asserted with the current informatization background and an idea of business process-oriented risk evaluation methodology of information systems security is presented. (C) 2011 Published by Elsevier Ltd. Selection and/or peer-review under responsibility of Hainan University.

引用

页码：1288 / 1294

页数：7

共 23 条

[1]

Alberts C.J., 2003, MANAGING INFORM SECU

[2]

[Anonymous], 2007, ASS THREATS VULN DIS

[3]

Butler S. A., 2003, CMUCS03132

[4]

Craft R., 2010, OPEN FRAMEWORK MANAG

[5]

Dequan He, 2002, NETINFO SECURITY, P23

[6]

Djordjevic I., 2008, SUITABILITY RISK ANA

[7]

Feng Dengguo, J CHINA I COMMUNICAT, V25, P10

[8] A conceptual framework for information security management [J].

Finne, T .

COMPUTERS & SECURITY, 1998, 17 (04) :303-307

[9] Information systems risk management: Key concepts and business processes [J].

Finne, T .

COMPUTERS & SECURITY, 2000, 19 (03) :234-242

[10]

Fletcher S., 2010, SOFTWARE SYSTEM RISK

← 1 2 3 →