Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.14365/3573
Full metadata record
DC FieldValueLanguage
dc.contributor.authorKondakçı, Süleyman-
dc.date.accessioned2023-06-16T15:00:49Z-
dc.date.available2023-06-16T15:00:49Z-
dc.date.issued2010-
dc.identifier.isbn9.78142E+12-
dc.identifier.urihttps://doi.org/10.1109/ISIAS.2010.5604039-
dc.identifier.urihttps://hdl.handle.net/20.500.14365/3573-
dc.description2010 6th International Conference on Information Assurance and Security, IAS 2010 -- 23 August 2010 through 25 August 2010 -- Atlanta, GA -- 82434en_US
dc.description.abstractThis paper presents a probabilistic approach to encode causal relationships among various threat sources and victim systems in order to facilitate quantitative and relational security assessment of information systems. In addition to providing a simple risk analysis approach compared to qualitative methods, it is unique in that it makes no a priori assumptions regarding the test domain. Therefore, it applies equally well to a variety of information systems, software development projects, IT products, and other decision making systems. The entire framework proposes a unique concept to analyse dependence and causality within a network of interdependent assets. Security risk management is mostly considered by security certification authorities, test and evaluation facilities, and some organizations such as CC, CCITT, and ISACA. In order to invent new methods that can facilitate security management, we need to consider risk assessment as a major research topic for evaluation facilities. © 2010 IEEE.en_US
dc.language.isoenen_US
dc.relation.ispartof2010 6th International Conference on Information Assurance and Security, IAS 2010en_US
dc.rightsinfo:eu-repo/semantics/closedAccessen_US
dc.subjectRisk modelingen_US
dc.subjectSecurity analysisen_US
dc.subjectTest methods and toolsen_US
dc.subjectUncertainty inferenceen_US
dc.subjectAnalysis approachen_US
dc.subjectCausal modelen_US
dc.subjectCausal relationshipsen_US
dc.subjectDecision-making systemsen_US
dc.subjectInformation security risk assessmenten_US
dc.subjectIT productsen_US
dc.subjectProbabilistic approachesen_US
dc.subjectQualitative methoden_US
dc.subjectResearch topicsen_US
dc.subjectRisk modelingen_US
dc.subjectSecurity analysisen_US
dc.subjectSecurity assessmenten_US
dc.subjectSecurity certificationen_US
dc.subjectSecurity managementen_US
dc.subjectSoftware development projectsen_US
dc.subjectTest and evaluationen_US
dc.subjectTest methoden_US
dc.subjectUncertainty inferenceen_US
dc.subjectInformation systemsen_US
dc.subjectQuality controlen_US
dc.subjectRisk analysisen_US
dc.subjectRisk assessmenten_US
dc.subjectRisk managementen_US
dc.subjectRisk perceptionen_US
dc.subjectSecurity systemsen_US
dc.subjectSoftware designen_US
dc.subjectUncertainty analysisen_US
dc.subjectSecurity of dataen_US
dc.titleA causal model for information security risk assessmenten_US
dc.typeConference Objecten_US
dc.identifier.doi10.1109/ISIAS.2010.5604039-
dc.identifier.scopus2-s2.0-78349282314en_US
dc.authorscopusid15061511300-
dc.identifier.startpage143en_US
dc.identifier.endpage148en_US
dc.relation.publicationcategoryKonferans Öğesi - Uluslararası - Kurum Öğretim Elemanıen_US
dc.identifier.scopusqualityN/A-
dc.identifier.wosqualityN/A-
item.grantfulltextreserved-
item.openairetypeConference Object-
item.openairecristypehttp://purl.org/coar/resource_type/c_18cf-
item.fulltextWith Fulltext-
item.languageiso639-1en-
item.cerifentitytypePublications-
crisitem.author.dept05.05. Computer Engineering-
Appears in Collections:Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection
Files in This Item:
File SizeFormat 
2665.pdf
  Restricted Access
394.4 kBAdobe PDFView/Open    Request a copy
Show simple item record



CORE Recommender

SCOPUSTM   
Citations

13
checked on Nov 20, 2024

Page view(s)

64
checked on Nov 18, 2024

Download(s)

6
checked on Nov 18, 2024

Google ScholarTM

Check




Altmetric


Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.