A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis

Feng, Nan; Wang, Harry Jiannan; Li, Minqiang

doi:10.1016/j.ins.2013.02.036

Cited by 148 publications

(88 citation statements)

References 41 publications

(66 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Bayesian networks permit supporting measurement models, but they also help to identify the most likely causal structure in a structural model. Consequently, the Bayesian network approach has been applied in various IS studies to gain enhanced insights into novel research fields, e.g., concerning success factors in IT projects (Gingnell et al 2014) and IS security factors (Feng et al 2014). …”

Section: The Bayesian Networkmentioning

confidence: 99%

Theorizing E-Commerce Business Models: On the Impact of Partially and Fully Supported Transaction Phases on Customer Satisfaction and Loyalty

Madlberger

Matook

2017

AJIS

View full text Add to dashboard Cite

Although considerable research has been conducted on the definition and classification of ecommerce business models, little research has integrated the support and impact of distinct transaction phases within e-commerce business models. Indeed, any channel design decisions depend on the arrangement of the three transaction phases, viz. information phase, agreement phase and fulfilment phase. Whereas in literature, a complete support of transaction phases is implicitly assumed, in practice, e-commerce firms exist that consciously do not support all three transaction phases through the online channel. In cases for which only certain phases are supported in one channel, the customer is required to switch to another channel to complete the transaction. To gain an initial understanding of the relevance of transaction phases, we examine the influence of transaction phase support in one channel on satisfaction and reuse intention of an e-commerce website under consideration of users' prior experiences. We conduct a laboratory experiment involving two e-commerce business models that differ only in the number of supported transaction phases via the online channel. Empirical data was analysed using a Bayesian network approach. Our analysis indicates the types of users who value partial support compared to those users who prefer full support of transaction phases. The results will assist firms in meeting future challenges regarding user engagement and attraction to their online stores.

show abstract

Section: The Bayesian Networkmentioning

confidence: 99%

Theorizing E-Commerce Business Models: On the Impact of Partially and Fully Supported Transaction Phases on Customer Satisfaction and Loyalty

Madlberger

Matook

2017

AJIS

View full text Add to dashboard Cite

show abstract

“…They found that analyses using their model can be as accurate as assessments performed by security professionals. In a similar vein, Feng et al [15] recently proposed a method to consider the relationship between risks. Their approach uses Bayesian networks to consider not just the vulnerability, but its context within an infrastructure.…”

Section: Related Workmentioning

confidence: 99%

Exploring a Controls-Based Assessment of Infrastructure Vulnerability

Farnan

Nurse

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Assessing the vulnerability of an enterprise's infrastructure is an important step in judging the security of its network and the trustworthiness and quality of the information that flows through it. Currently, low-level infrastructure vulnerability is often judged in an ad hoc manner, based on the criteria and experience of the assessors. While methodological approaches to assessing an organisation's vulnerability exist, they are often targeted at higher-level threats, and can fail to accurately represent risk. Our aim in this paper therefore, is to explore a novel, structured approach to assessing low-level infrastructure vulnerability. We do this by placing the emphasis on a controls-based evaluation over a vulnerability-based evaluation. This work aims to investigate a framework for the pragmatic approach that organisations currently use for assessing low-level vulnerability. Instead of attempting to find vulnerabilities in infrastructure, we instead assume the network is insecure, and measure its vulnerability based on the controls that have (and have not) been put in place. We consider different control schemes for addressing vulnerability, and show how one of them, namely the Council on Cyber Security's Top 20 Critical Security Controls, can be applied.

show abstract

“…In [2], they proposed a security risk analysis model (SRAM) to identify the relationship among uncertainty of vulnerability propagation, analyze the complexity and risk factors. In [3], they proposed an Islanding Security Region (ISR) concept to provide security assessment of island operation.…”

Section: Iiliterature Surveymentioning

confidence: 99%

Power System Severity Analysis under Generator Outage Condition

Sangu¹,

Reddy²,

Sivanagaraju³

2015

IJAREEIE

View full text Add to dashboard Cite

Now a day because of the continuous increase in power demand on a power system increases the importance of the power system severity analysis for secured operation. The contingency in a power system may be because of the outage of transmission lines or the generators. Out of which, generator outage condition is the most critical one. In this paper, the power system severity is analyzed under generator outage condition. The most sensitive generator(s) in a given system is identified using generator shift factors. The complete methodology of the proposed methodology to analyze the power system severity in terms of transmission line loadings and bus voltage magnitudes is analyzed on standard IEEE-14 bus test system with supporting numerical and graphical results.

show abstract

A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis

Cited by 148 publications

References 41 publications

Theorizing E-Commerce Business Models: On the Impact of Partially and Fully Supported Transaction Phases on Customer Satisfaction and Loyalty

Theorizing E-Commerce Business Models: On the Impact of Partially and Fully Supported Transaction Phases on Customer Satisfaction and Loyalty

Exploring a Controls-Based Assessment of Infrastructure Vulnerability

Power System Severity Analysis under Generator Outage Condition

Contact Info

Product

Resources

About