A Causal Model for Information Security Risk Assessment
| dc.contributor.author | Kondakçı, Süleyman | |
| dc.date.accessioned | 2023-06-16T15:00:49Z | |
| dc.date.available | 2023-06-16T15:00:49Z | |
| dc.date.issued | 2010 | |
| dc.description | 2010 6th International Conference on Information Assurance and Security, IAS 2010 -- 23 August 2010 through 25 August 2010 -- Atlanta, GA -- 82434 | en_US |
| dc.description.abstract | This paper presents a probabilistic approach to encode causal relationships among various threat sources and victim systems in order to facilitate quantitative and relational security assessment of information systems. In addition to providing a simple risk analysis approach compared to qualitative methods, it is unique in that it makes no a priori assumptions regarding the test domain. Therefore, it applies equally well to a variety of information systems, software development projects, IT products, and other decision making systems. The entire framework proposes a unique concept to analyse dependence and causality within a network of interdependent assets. Security risk management is mostly considered by security certification authorities, test and evaluation facilities, and some organizations such as CC, CCITT, and ISACA. In order to invent new methods that can facilitate security management, we need to consider risk assessment as a major research topic for evaluation facilities. © 2010 IEEE. | en_US |
| dc.identifier.doi | 10.1109/ISIAS.2010.5604039 | |
| dc.identifier.isbn | 9.78E+12 | |
| dc.identifier.scopus | 2-s2.0-78349282314 | |
| dc.identifier.uri | https://doi.org/10.1109/ISIAS.2010.5604039 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.14365/3573 | |
| dc.language.iso | en | en_US |
| dc.relation.ispartof | 2010 6th International Conference on Information Assurance and Security, IAS 2010 | en_US |
| dc.rights | info:eu-repo/semantics/closedAccess | en_US |
| dc.subject | Risk modeling | en_US |
| dc.subject | Security analysis | en_US |
| dc.subject | Test methods and tools | en_US |
| dc.subject | Uncertainty inference | en_US |
| dc.subject | Analysis approach | en_US |
| dc.subject | Causal model | en_US |
| dc.subject | Causal relationships | en_US |
| dc.subject | Decision-making systems | en_US |
| dc.subject | Information security risk assessment | en_US |
| dc.subject | IT products | en_US |
| dc.subject | Probabilistic approaches | en_US |
| dc.subject | Qualitative method | en_US |
| dc.subject | Research topics | en_US |
| dc.subject | Risk modeling | en_US |
| dc.subject | Security analysis | en_US |
| dc.subject | Security assessment | en_US |
| dc.subject | Security certification | en_US |
| dc.subject | Security management | en_US |
| dc.subject | Software development projects | en_US |
| dc.subject | Test and evaluation | en_US |
| dc.subject | Test method | en_US |
| dc.subject | Uncertainty inference | en_US |
| dc.subject | Information systems | en_US |
| dc.subject | Quality control | en_US |
| dc.subject | Risk analysis | en_US |
| dc.subject | Risk assessment | en_US |
| dc.subject | Risk management | en_US |
| dc.subject | Risk perception | en_US |
| dc.subject | Security systems | en_US |
| dc.subject | Software design | en_US |
| dc.subject | Uncertainty analysis | en_US |
| dc.subject | Security of data | en_US |
| dc.title | A Causal Model for Information Security Risk Assessment | en_US |
| dc.type | Conference Object | en_US |
| dspace.entity.type | Publication | |
| gdc.author.scopusid | 15061511300 | |
| gdc.bip.impulseclass | C5 | |
| gdc.bip.influenceclass | C4 | |
| gdc.bip.popularityclass | C5 | |
| gdc.coar.access | metadata only access | |
| gdc.coar.type | text::conference output | |
| gdc.collaboration.industrial | false | |
| gdc.description.departmenttemp | Kondakci, S., Izmir University of Economics, Faculty of Engineering and Computer Sciences, 35330 Balcova-Izmir, Turkey | en_US |
| gdc.description.endpage | 148 | en_US |
| gdc.description.publicationcategory | Konferans Öğesi - Uluslararası - Kurum Öğretim Elemanı | en_US |
| gdc.description.scopusquality | N/A | |
| gdc.description.startpage | 143 | en_US |
| gdc.description.wosquality | N/A | |
| gdc.identifier.openalex | W2034000848 | |
| gdc.index.type | Scopus | |
| gdc.oaire.diamondjournal | false | |
| gdc.oaire.impulse | 3.0 | |
| gdc.oaire.influence | 3.4296588E-9 | |
| gdc.oaire.isgreen | false | |
| gdc.oaire.popularity | 1.4140151E-9 | |
| gdc.oaire.publicfunded | false | |
| gdc.oaire.sciencefields | 0202 electrical engineering, electronic engineering, information engineering | |
| gdc.oaire.sciencefields | 02 engineering and technology | |
| gdc.openalex.collaboration | National | |
| gdc.openalex.fwci | 3.48221308 | |
| gdc.openalex.normalizedpercentile | 0.94 | |
| gdc.openalex.toppercent | TOP 10% | |
| gdc.opencitations.count | 8 | |
| gdc.plumx.crossrefcites | 7 | |
| gdc.plumx.mendeley | 33 | |
| gdc.plumx.scopuscites | 13 | |
| gdc.scopus.citedcount | 13 | |
| gdc.virtual.author | Kondakçı, Süleyman | |
| relation.isAuthorOfPublication | 3803a306-2ebf-4571-b717-d5fc214767b5 | |
| relation.isAuthorOfPublication.latestForDiscovery | 3803a306-2ebf-4571-b717-d5fc214767b5 | |
| relation.isOrgUnitOfPublication | b4714bc5-c5ae-478f-b962-b7204c948b70 | |
| relation.isOrgUnitOfPublication | 26a7372c-1a5e-42d9-90b6-a3f7d14cad44 | |
| relation.isOrgUnitOfPublication | e9e77e3e-bc94-40a7-9b24-b807b2cd0319 | |
| relation.isOrgUnitOfPublication.latestForDiscovery | b4714bc5-c5ae-478f-b962-b7204c948b70 |
Files
Original bundle
1 - 1 of 1