Purpose
This study aims to argue that in the case of quantitative security risk assessment, individuals do not estimate probabilities as a likelihood measure of event occurrence.
Design/methodology/approach
The study uses the most commonly used quantitative assessment approach, the annualized loss expectancy (ALE), to support the three research hypotheses.
Findings
The estimated probabilities used in quantitative models are subjective.
Research limitations/implications
The ALE model used in security risk assessment, although presented in the literature as quantitative, is in fact qualitative, because it is influenced by bias.
Practical implications
The study provides a factual basis showing that quantitative assessment is neither realistic nor practical in the real world.
Originality/value
A model that cannot be tested experimentally is not a scientific model. In fact, the probability used in ISRM is an empirical probability or estimator of a probability because it estimates probabilities from experience and observation.
Dynamic data masking (DDM) is a powerful data-security technique for protecting personal and other sensitive information in databases from unauthorized access. DDM can be used to mask or obfuscate information in real time, as it is accessed by unauthorized users. This prevents sensitive information from being exposed, while still allowing authorized users to access the data. In current multilayered applications, data masking may be incorporated as special modules placed anywhere between the storage and the user interface. In this paper, we consider the solution of implementing masking directly in the persistence layer so that data do not travel unmasked along the network. The data at rest are unchanged (i.e., unmasked), but when users query the database, the sensitive columns in the results are displayed in a masked format, which makes it impossible to identify the original data. Given the diversity of masking features proposed by commercial and open-source database servers, this study proposes a framework for assessing the performance penalty of SQL queries when using database masking relative to the original (unmasked) scenario. We implemented and applied the framework to a basic masking scenario in the Oracle database server using the TPC-H benchmark database. Exploratory analysis and machine learning models suggest that DDM has a weak impact on query performance. This could be a powerful incentive for incorporating DDM in real-world software applications when up to 100 GB of data is stored using the Oracle database server.