2014
DOI: 10.5120/18097-9155
|View full text |Cite
|
Sign up to set email alerts
|

Information Security Risk Assessment A Practical Approach with a Mathematical Formulation of Risk

Abstract: Risk management methodologies, such as Mehari, Ebios, CRAMM and SP 800-30 (NIST) use a common step based on threat, vulnerability and probability witch are typically evaluated intuitively using verbal hazard scales such as low, medium, high. Because of their subjectivity, these categories are extremely difficult to assign to threats, vulnerabilities and probability, or indeed, to interpret with any degree of confidence. The purpose of the paper is to propose a mathematical formulation of risk by using a lower … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
12
0
3

Year Published

2015
2015
2022
2022

Publication Types

Select...
7
2
1

Relationship

1
9

Authors

Journals

citations
Cited by 28 publications
(15 citation statements)
references
References 6 publications
0
12
0
3
Order By: Relevance
“…The article [7] proposes a mathematical formulation of risk using the SI main concepts of such risk management methodologies as MEHARI, EBIOS, CRAMM and SP 800-30 (NIST).…”
Section: Analysis Of Recent Studies and Publicationsmentioning
confidence: 99%
“…The article [7] proposes a mathematical formulation of risk using the SI main concepts of such risk management methodologies as MEHARI, EBIOS, CRAMM and SP 800-30 (NIST).…”
Section: Analysis Of Recent Studies and Publicationsmentioning
confidence: 99%
“…[20] is the system that maintains security for personal information. [16] is the practical approach by applying a mathematical formulation of web vulnerabilities. [25] is the research work related to reduction of denial of service attacks using web service filters.…”
Section: Other Web Vulnerability Detection Systemsmentioning
confidence: 99%
“…[20] is the system that maintains security for personal information. [16] is the practical approach by applying mathematical formulation of web vulnerabilities. [26] is the research work related to reduction of denial of service attacks using web service filters.…”
Section: Other Web Vulnerability Detection Systemsmentioning
confidence: 99%