By Topic

A novel security risk assessment model for information system

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Huiying Lv ; Sch. of Inf. Eng., Capital Normal Univ., Beijing, China

Security defense against threats is very important to information system. A novel security risk assessment model is presented. In this model, an information system consists of a series of network nodes, which have three elements: assets, rights and vulnerabilities. To analyze the relevance between vulnerabilities, an algorithm for intrusion path discovery is proposed centralized on assets. By investigating the intrusion paths found, the system risk is quantitatively evaluated on vulnerabilities, nodes, assets, or system, which indicates the risk situation of the system. A simulation experiment and results verify availability and effectiveness of the model.

Published in:

Advanced Computer Control (ICACC), 2010 2nd International Conference on  (Volume:4 )

Date of Conference:

27-29 March 2010