By Topic

A remote IT security evaluation scheme: a proactive approach to risk management

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Kondakci, S. ; Fac. of Comput. Sci., Izmir Univ. of Econ.

We present a new model to conduct security evaluation of remote assets with dedicated profiles. An alternative approach to risk management in information assurance (IA) and a related protocol for remote evaluation of information assets is presented here. Application of this protocol ensures long-term risk management, hence efficient proactive lifecycle protection of critical information systems. Due to its generic and interoperable structure based on the modern Web technologies, the protocol can be applied to risk assessment and evaluation of a multitude type of systems. The protocol consists of a secure communication architecture associated with each asset a security profile, and software services and agents that communicate over the Internet and other open networks. The secure communication architecture uses a secure exchange protocol incorporating the fast elliptic curve cryptography. Interoperable, continuous, inexpensive, time- and location-neutral, and minimum resource usage are some of its advantages. With this new notion, we also aim at inspiring developers and researchers to develop value-added security evaluation tools, techniques and procedures

Published in:

Information Assurance, 2006. IWIA 2006. Fourth IEEE International Workshop on

Date of Conference:

13-14 April 2006