FAHP-TOPSIS risks ranking models in ISMS

Mohyeddin, Mahsa Agha; Gharaee, Hossein

doi:10.1109/istel.2014.7000827

Cited by 7 publications

(7 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There were found certain relevant articles in the area of information security risk management and usage of some multi criteria decision analysis technique such as TOPSIS or PROMETHEE, but they were always in joint mixture models with the AHP technique [35], [36]. On the other hand, VECTOR matrix method was selected due to its simplicity and proven speed for the ranking of critical assets or security risks [12], [36].…”

Section: Vector Matrix Methodsmentioning

confidence: 99%

Comparisons of Bitcoin Cryptosystem with Other Common Internet Transaction Systems by AHP Technique

Maček¹,

Alagić²

2017

JIOS

View full text Add to dashboard Cite

This paper describes proposed methodology for evaluation of critical systems and prioritization of critical risks and assets identified in highly secured information systems. For different types of information assets or security environments it is necessary to apply different techniques and methods for their prioritization and evaluation. In this article, VECTOR matrix method for prioritization of critical assets and critical risks is explained and integrated into AHP (Analytic Hierarchy Process) technique as a set of fixed criteria for evaluation of defined alternatives. Bitcoin cryptocurrency was compared and evaluated along with other common Internet transaction systems by information security professionals according to defined VECTOR criteria. Also, the newly proposed hybrid AHP model is presented with potential case studies for future research. This article tries to discover security posture of Bitcoin cryptocurrency in the context of information security risks related to the existing most common online payment systems like e-banking, m-banking, and ecommerce.

show abstract

Section: Vector Matrix Methodsmentioning

confidence: 99%

Comparisons of Bitcoin Cryptosystem with Other Common Internet Transaction Systems by AHP Technique

Maček¹,

Alagić²

2017

JIOS

View full text Add to dashboard Cite

show abstract

“…Risk is the combination of likelihood and severity and can occur at different levels, thus has different effects and requires specific mitigation measures at any level [30]. In fact, all organizations are exposed to its underpinning security threats (e.g., malware, ransomware, phishing, denial of service, etc.…”

Section: Information Security Elements In Service Sciencementioning

confidence: 99%

Safeguarding Information in Service Science with Service Integration

2021

View full text Add to dashboard Cite

Service Science can be described through information, that underpins knowledge as enabler of service value chain. Therefore data, as a part of information, is a basic asset of the service market where undertakings constantly face high competition and try to protect such assets from malicious attackers. Information as to be preserved also for regulatory constraints, and traditional organizational models can have limits in doing so. In this paper it is discussed the possibility to manage both data protection and cyber security through an information security integrated management service (ISIMS). In fact, as per other cross-functional knowledge, information security and data privacy compliance can be managed via an integrated approach, as a possible evolution of the common organizational separation between their respective domains, namely Legal and IT. Moreover, this paper identifies major areas of benefits as well as current lack of integrated systems for information safeguard in Service Science.

show abstract

“…Risks have different dimensions and effects with the ability to occur at different levels and require their own specific preventative measures at any level [1]. Today, there is no organization that is not facing with certain security threats (e.g.…”

Section: Introductionmentioning

confidence: 99%

A Systematic Literature Review on the Application of Multicriteria Decision Making Methods for Information Security Risk Assessment

Maček¹,

Magdalenić²,

Ređep³

2020

IJSSE

View full text Add to dashboard Cite

In today's fast, agile, complex and interconnected business world, one of the main goals and concerns is to find an efficient and effective way of managing information security risks. So, one of the means is usage of multicriteria decision-making techniques for such purposes. The vast majority of research begins with some form of literature review. Thus, the review of the literature must be done thoroughly and impartially in order to obtain certain scientific value. This paper provides a systematic literature review (SLR) of relevant and recent literature from both research domains, namely information security risk management and multicriteria decision-making, identifying the standards, methods, techniques and tools that are considered to be the most relevant in the research areas observed. The main purpose of the paper is to discover complementary ISRA and MCDM methods that could be used as a basis to create a new hybrid model for more efficient evaluation of critical IT solutions. The related context, main goals, review methods, relevant results of each research phase along with the findings, papers' analysis, recommendations and conclusions are all given in this review article in order to fully comply with the SLR requirements.

show abstract

FAHP-TOPSIS risks ranking models in ISMS

Cited by 7 publications

References 14 publications

Comparisons of Bitcoin Cryptosystem with Other Common Internet Transaction Systems by AHP Technique

Comparisons of Bitcoin Cryptosystem with Other Common Internet Transaction Systems by AHP Technique

Safeguarding Information in Service Science with Service Integration

A Systematic Literature Review on the Application of Multicriteria Decision Making Methods for Information Security Risk Assessment

Contact Info

Product

Resources

About