An introduction to computer security :

Guttman, Barbara; Roback, Edward

doi:10.6028/nist.sp.800-12

Cited by 73 publications

(43 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The methodology for risk assessment comprises basic steps common to various standards and guidelines (see 217 Guttman and Roback, 1995;ISO/IEC, 2011;Ross, 2011;Landoll, 2005). The salient difference is the use of an FCM model capturing influences between assets and allowing their dependencies to be tracked during a risk aggregation.…”

Section: Methodology Of Risk Assessmentmentioning

confidence: 99%

“…According to Guttman and Roback (1995) as well as Hoo (2000), security is the protection afforded to an information system in order to preserve the integrity of data and system functions, their availability, authenticity and confidentiality.…”

Section: Related Workmentioning

confidence: 99%

“…Threats. The identification of threats was based on available sources (e.g., Guttman and Roback, 1995;Ross, 2011;Landoll, 2005), as well as on previous experience. The elicited list of threats to be considered in a vulnerability analysis comprised 58 elements grouped in 11 families corresponding to classes of assets.…”

Section: 2mentioning

confidence: 99%

See 2 more Smart Citations

A new lightweight method for security risk assessment based on fuzzy cognitive maps

Szwed

Skrzynski

2014

International Journal of Applied Mathematics and Computer Science

View full text Add to dashboard Cite

For contemporary software systems, security is considered to be a key quality factor and the analysis of IT security risk becomes an indispensable stage during software deployment. However, performing risk assessment according to methodologies and standards issued for the public sector or large institutions can be too costly and time consuming. Current business practice tends to circumvent risk assessment by defining sets of standard safeguards and applying them to all developed systems. This leads to a substantial gap: threats are not re-evaluated for particular systems and the selection of security functions is not based on risk models. This paper discusses a new lightweight risk assessment method aimed at filling this gap. In this proposal, Fuzzy Cognitive Maps (FCMs) are used to capture dependencies between assets, and FCM-based reasoning is performed to calculate risks. An application of the method is studied using an example of an e-health system providing remote telemonitoring, data storage and teleconsultation services. Lessons learned indicate that the proposed method is an efficient and low-cost approach, giving instantaneous feedback and enabling reasoning on the effectiveness of the security system.

show abstract

Section: Methodology Of Risk Assessmentmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A new lightweight method for security risk assessment based on fuzzy cognitive maps

Szwed

Skrzynski

2014

International Journal of Applied Mathematics and Computer Science

View full text Add to dashboard Cite

show abstract

“…Information Security refers to the protection or safeguarding of any information from being breached against any unauthorized access and maintains integrity and confidentiality [5]. With growing dependency on the internet and email, security risks and breaches are also increasing drastically.…”

Section: Information Securitymentioning

confidence: 99%

“…Security can also be defined as a layer created to separate assets from threats [4]. In order to understand clearly about security, it is very important to understand important terminologies [5]. This research paper talks about important terminologies, concerns and challenges on Information System and Security Audit.…”

Section: Introductionmentioning

confidence: 99%

Concerns on Information System and Security Audit

Shakya

Gupta

2018

J. Adv. Coll. Engin. Mgt.

View full text Add to dashboard Cite

Successful Information and communication technology (ICT) can cause rapid development in administrative processes. ICT strategies and ICT plans should be evaluated to align with organization visions and missions in order to achieve effective use of ICT in their organizations [1]. Efficient Software and Hardware together play a vital role giving relevant information which helps improving ways we do business, learn, communicate, entertain and work. This exposes to an environment with significant risks which are vulnerable to inside or outside attacks [2,3]. Security is a degree of protection or resistance from harm. Security can also be defined as a layer created to separate assets from threats [4]. In order to understand clearly about security, it is very important to understand important terminologies [5]. This research paper talks about important terminologies, concerns and challenges on Information System and Security Audit. This research seeks explanation from the observed phenomena, problems or behavior and thus exploratory research is used. The outcome of this research is an overview of different security concerns that must be sincerely addressed in any Information System and Security Audit.

show abstract

Security Design for D2D

Wang¹,

Yan²

2019

Wiley 5G Ref

View full text Add to dashboard Cite

Device‐to‐device (D2D) communication has emerged as a promising technology for the next‐generation mobile communication networks and wireless systems (5G). As an underlay network of conventional cellular networks, e.g. LTE and 5G network, D2D communications have shown great potential in improving communication capability, erasing communication delay, reducing power dissipation, and fostering multifarious new applications and services. In spite of the significant benefits, new application scenarios and system architecture expose D2D services into specific security and privacy threats and issues. These issues hinder the success of various D2D services. In this article, we explore a security architecture for D2D communications under 5G framework. Under this architecture, we investigate potential security and privacy threats and specify security and privacy requirements for designing a security and privacy, preserving D2D system. The state‐of‐the‐art solutions on security and privacy in D2D communications are reviewed comprehensively and intensively and evaluated under the security architecture. The analysis results show the features and drawbacks of existing works when coping with these security and privacy threats and requirements. Finally, we point out open research issues from the existing works and inspire future research efforts.

show abstract

An introduction to computer security :

Cited by 73 publications

References 0 publications

A new lightweight method for security risk assessment based on fuzzy cognitive maps

A new lightweight method for security risk assessment based on fuzzy cognitive maps

Concerns on Information System and Security Audit

Security Design for D2D

Contact Info

Product

Resources

About