A Business Process-Based Risk Evaluation Framework

Abstract:

To capture the essence of information system risk evaluation and improve its effectiveness, the paper proposes a business process-based information system risk evaluation framework after analyzing current risk evaluation methods. The framework begins by describing the business process from the perspective of information security, and then analyzes and assesses the business activities. A risk-control evaluation of business activities is introduced, and the optional security control measures are comprehensively evaluated to ensure the security of business activities. Because the framework focuses on business process activities, information system assets, their vulnerabilities and their threats are associated, and evaluation of isolated and meaningless assets is avoided.

Info:

Periodical:

Advanced Materials Research (Volumes 230-232)

Pages:

1024-1028

Online since:

May 2011
