Search results for: Physical Security
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 2357

Search results for: Physical Security

2357 Enhancing the Network Security with Gray Code

Authors: Thomas Adi Purnomo Sidhi

Abstract:

Nowadays, network is an essential need in almost every part of human daily activities. People now can seamlessly connect to others through the Internet. With advanced technology, our personal data now can be more easily accessed. One of many components we are concerned for delivering the best network is a security issue. This paper is proposing a method that provides more options for security. This research aims to improve network security by focusing on the physical layer which is the first layer of the OSI model. The layer consists of the basic networking hardware transmission technologies of a network. With the use of observation method, the research produces a schematic design for enhancing the network security through the gray code converter.

Keywords: Network, network security, gray code, physical layer.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2168
2356 ISCS (Information Security Check Service) for the Safety and Reliability of Communications

Authors: Jong-Whoi Shin, Jin-Tae Lee, Sang-Soo Jang, Jae-II Lee

Abstract:

Recent widespread use of information and communication technology has greatly changed information security risks that businesses and institutions encounter. Along with this situation, in order to ensure security and have confidence in electronic trading, it has become important for organizations to take competent information security measures to provide international confidence that sensitive information is secure. Against this backdrop, the approach to information security checking has come to an important issue, which is believed to be common to all countries. The purpose of this paper is to introduce the new system of information security checking program in Korea and to propose synthetic information security countermeasures under domestic circumstances in order to protect physical equipment, security management and technology, and the operation of security check for securing services on ISP(Internet Service Provider), IDC(Internet Data Center), and e-commerce(shopping malls, etc.)

Keywords: Information Security Check Service, safety criteria, object enterpriser.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1610
2355 Security Engine Management of Router based on Security Policy

Authors: Su Hyung Jo, Ki Young Kim, Sang Ho Lee

Abstract:

Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper relates to a security engine management of router based on a security policy, which is the definition of security function against a network intrusion. This paper explains the security policy and designs the structure of security engine management framework.

Keywords: Policy server, security engine, security management, security policy

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1921
2354 Web Service Security Method To SOA Development

Authors: Nafise Fareghzadeh

Abstract:

Web services provide significant new benefits for SOAbased applications, but they also expose significant new security risks. There are huge number of WS security standards and processes. At present, there is still a lack of a comprehensive approach which offers a methodical development in the construction of secure WS-based SOA. Thus, the main objective of this paper is to address this needs, presenting a comprehensive method for Web Services Security guaranty in SOA. The proposed method defines three stages, Initial Security Analysis, Architectural Security Guaranty and WS Security Standards Identification. These facilitate, respectively, the definition and analysis of WS-specific security requirements, the development of a WS-based security architecture and the identification of the related WS security standards that the security architecture must articulate in order to implement the security services.

Keywords: Kernel, Repository, Security Standards, WS Security Policy, WS specification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1427
2353 A Survey of Attacks and Security Requirements in Wireless Sensor Networks

Authors: Vishnu Pratap Singh Kirar

Abstract:

Wireless sensor network (WSN) is a network of many interconnected networked systems, they equipped with energy resources and they are used to detect other physical characteristics. On WSN, there are many researches are performed in past decades. WSN applicable in many security systems govern by military and in many civilian related applications. Thus, the security of WSN gets attention of researchers and gives an opportunity for many future aspects. Still, there are many other issues are related to deployment and overall coverage, scalability, size, energy efficiency, quality of service (QoS), computational power and many more. In this paper we discus about various applications and security related issue and requirements of WSN.

Keywords: Wireless Sensor Network (WSN), Wireless Network Attacks, Wireless Network Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2995
2352 Towards Security in Virtualization of SDN

Authors: Wanqing You, Kai Qian, Xi He, Ying Qian

Abstract:

In this paper, the potential security issues brought by the virtualization of a Software Defined Networks (SDN) would be analyzed. The virtualization of SDN is achieved by FlowVisor (FV). With FV, a physical network is divided into multiple isolated logical networks while the underlying resources are still shared by different slices (isolated logical networks). However, along with the benefits brought by network virtualization, it also presents some issues regarding security. By examining security issues existing in an OpenFlow network, which uses FlowVisor to slice it into multiple virtual networks, we hope we can get some significant results and also can get furtherdiscussions among the security of SDN virtualization.

Keywords: FlowVisor, Network virtualization, Potential threats, Possible solutions.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2162
2351 Research on Software Security Testing

Authors: Gu Tian-yang, Shi Yin-sheng, Fang You-yuan

Abstract:

Software security testing is an important means to ensure software security and trustiness. This paper first mainly discusses the definition and classification of software security testing, and investigates methods and tools of software security testing widely. Then it analyzes and concludes the advantages and disadvantages of various methods and the scope of application, presents a taxonomy of security testing tools. Finally, the paper points out future focus and development directions of software security testing technology.

Keywords: security testing, security functional testing, securityvulnerability testing, testing method, testing tool

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5134
2350 Can We Secure Security?

Authors: Dominykas Broga

Abstract:

Until recently it would have been unusual to consider classifying population movements and refugees as security problem. However, efforts at shaping our world to make ourselves secure have paradoxically led to ever greater insecurity. The feeling of uncertainty, pertinent throughout all discourses of security, has led to the creation of security production into seemingly benign routines of everyday life. Yet, the paper argues, neither of security discourses accounted for, disclosed and challenged the fundamental aporias embedded in Western security narratives. In turn, the paper aims to unpick the conventional security wisdom, which is haunted with strong ontologies, embedded in the politics of Orientalism, and (in)security nexus. The paper concludes that current security affair conceals the integral impossibility of fulfilling its very own promise of assured security. The paper also provides suggestions about alternative security discourse based on mutual dialogue.

Keywords: Identity, (in)security, migration, ontology

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1600
2349 Towards a Secure Storage in Cloud Computing

Authors: Mohamed Elkholy, Ahmed Elfatatry

Abstract:

Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.

Keywords: Access control, data integrity, data confidentiality, Kerberos authentication, cloud security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1771
2348 Security of Internet of Things: Challenges, Requirements and Future Directions

Authors: Amjad F. Alharbi, Bashayer A. Alotaibi, Fahd S. Alotaibi

Abstract:

The emergence of Internet of Things (IoT) technology provides capabilities for a huge number of smart devices, services and people to be communicate with each other for exchanging data and information over existing network. While as IoT is progressing, it provides many opportunities for new ways of communications as well it introduces many security and privacy threats and challenges which need to be considered for the future of IoT development. In this survey paper, an IoT security issues as threats and current challenges are summarized. The security architecture for IoT are presented from four main layers. Based on these layers, the IoT security requirements are presented to insure security in the whole system. Furthermore, some researches initiatives related to IoT security are discussed as well as the future direction for IoT security are highlighted.

Keywords: Internet of Things, IoT, IoT security challenges, IoT security requirements, IoT security architecture.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1202
2347 Systems and Software Safety and Security

Authors: Marzieh Mokhtaripour

Abstract:

Security issue and the importance of the function of police to provide practical and psychological contexts in the community has been the main topics among researchers , police and security circles and this subject require to review and analysis mechanisms within the police and its interaction with other parts of the system for providing community safety. This paper examine national and social security in the Internet.

Keywords: Internet National security Social security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1266
2346 A Novel Security Framework for the Web System

Authors: J. P. Dubois, P. G. Jreije

Abstract:

In this paper, a framework is presented trying to make the most secure web system out of the available generic and web security technology which can be used as a guideline for organizations building their web sites. The framework is designed to provide necessary security services, to address the known security threats, and to provide some cover to other security problems especially unknown threats. The requirements for the design are discussed which guided us to the design of secure web system. The designed security framework is then simulated and various quality of service (QoS) metrics are calculated to measure the performance of this system.

Keywords: Web Security, Internet Voting, Firewall, QoS, Latency, Utilization, Throughput.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1344
2345 Institutional Aspects of Information Security in Russian Economy

Authors: Mingaleva Zhanna, Kapuskina Tatiana

Abstract:

The article touches upon questions of information security in Russian Economy. It covers theoretical bases of information security and causes of its development. The theory is proved by the analysis of business activities and the main tendencies of information security development. Perm region has been chosen as the bases for the analysis, being the fastestdeveloping region that uses methods of information security in managing it economy. As a result of the study the authors of the given article have formulated their own vision of the problem of information security in various branches of economy and stated prospects of information security development and its growing role in Russian economy

Keywords: security of business, management of information security, institutional analyses.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1319
2344 Combination of Information Security Standards to Cover National Requirements

Authors: Sh. Ladan, A. Yari, H. Khodabandeh

Abstract:

The need for Information Security in organizations, regardless of their type and size, is being addressed by emerging standards and recommended best practices. The various standards and practices which evolved in recent years and are still being developed and constantly revised, address the issue of Information Security from different angles. This paper attempts to provide an overview of Information Security Standards and Practices by briefly discussing some of the most popular ones. Through a comparative study of their similarities and differences, some insight can be obtained on how their combination may lead to an increased level of Information Security.

Keywords: Information security management, information security standard, BS7799, ISO 17799, COBIT.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1554
2343 Privacy of RFID Systems: Security of Personal Data for End-Users

Authors: Firoz Khan

Abstract:

Privacy of RFID systems is receiving increasing attention in the RFID community. RFID privacy is important as the RFID tags will be attached to all kinds of products and physical objects including people. The possible abuse or excessive use of RFID tracking capability by malicious users can lead to potential privacy violations. In this paper, we will discuss how the different industries use RFID and the potential privacy and security issues while RFID is implemented in these industries. Although RFID technology offers interesting services to customer and retailers, it could also endanger the privacy of end-users. Personal data can be leaked if a protection mechanism is not deployed in the RFID systems. The paper summarizes many different solutions for implementing privacy and security while deploying RFID systems.

Keywords: RFID, privacy, security, encryption.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 975
2342 A Formal Implementation of Database Security

Authors: Yun Bai

Abstract:

This paper is to investigate the impplementation of security mechanism in object oriented database system. Formal methods plays an essential role in computer security due to its powerful expressiveness and concise syntax and semantics. In this paper, both issues of specification and implementation in database security environment will be considered; and the database security is achieved through the development of an efficient implementation of the specification without compromising its originality and expressiveness.

Keywords: database security, authorization policy, logic basedspecification

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1718
2341 Future Outlook and Current Situation for Security of Gas Supply in Eastern Baltic Region

Authors: Ando Leppiman, Kati Kõrbe Kaare, Ott Koppel

Abstract:

Growing demand for gas has rekindled a debate on gas security of supply due to supply interruptions, increasing gas prices, cross-border bottlenecks and a growing reliance on imports over longer distances. Security of supply is defined mostly as an infrastructure package to satisfy N-1 criteria. In case of Estonia, Finland, Latvia and Lithuania all the gas infrastructure is built to supply natural gas only from one single supplier, Russia. In 2012 almost 100% of natural gas to the Eastern Baltic Region was supplied by Gazprom. Under such circumstances infrastructure N-1 criteria does not guarantee security of supply. In the Eastern Baltic Region, the assessment of risk of gas supply disruption has been worked out by applying the method of risk scenarios. There are various risks to be tackled in Eastern Baltic States in terms of improving security of supply, such as single supplier risk, physical infrastructure risk, regulatory gap, fair price and competition. The objective of this paper is to evaluate the energy security of the Eastern Baltic Region within the framework of the European Union’s policies and to make recommendations on how to better guarantee the energy security of the region.

Keywords: Security of supply, supply routes for natural gas, energy balance, diversified supply options, common regulative package.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1905
2340 Enhancing Security and Privacy Protocols in Telehealth: A Comprehensive Approach across IoT/Fog/Cloud Environments

Authors: Yunyong Guo, Man Wang, Bryan Guo, Nathan Guo

Abstract:

This paper presents an advanced security and privacy model tailored for Telehealth systems, emphasizing end-to-end protection across IoT, Fog, and Cloud components. The proposed model integrates encryption, key management, intrusion detection, and privacy-preserving measures to safeguard patient data. A comprehensive simulation study evaluates the model's effectiveness in scenarios such as unauthorized access, physical breaches, and insider threats. Results indicate notable success in detecting and mitigating threats yet underscore areas for refinement. The study contributes insights into the intricate balance between security and usability in Telehealth environments, setting the stage for continued advancements.

Keywords: Cloud, enhancing security, Fog, IoT, telehealth.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 61
2339 E-government Security Modeling: Explaining Main Factors and Analysing Existing Models

Authors: N. Alharbi

Abstract:

E-government is becoming more important these days. However, the adoption of e-government is often slowed down by technical and non-technical security factors. Nowadays, there many security models that can make the e-government services more secure. This paper will explain the main security factors that affected the level of e-government security. Moreover, it will also analyse current existing models. Finally, the paper will suggest a comprehensive security model that will contain most of technical and non-technical factors.

Keywords: E-government, technical, non-technical, security model.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2073
2338 Security Risk Analysis Based on the Policy Formalization and the Modeling of Big Systems

Authors: Luc Cessieux, French Navy, Adrien Derock, DCNS/IMATH

Abstract:

Security risk models have been successful in estimating the likelihood of attack for simple security threats. However, modeling complex system and their security risk is even a challenge. Many methods have been proposed to face this problem. Often difficult to manipulate, and not enough all-embracing they are not as famous as they should with administrators and deciders. We propose in this paper a new tool to model big systems on purpose. The software, takes into account attack threats and security strength.

Keywords: Security, risk management, threat, modelization.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1324
2337 Assessing Stakeholders’ Interests in Postal Security

Authors: T. Männistö, M. Finger

Abstract:

The events of October 2010, where terrorists managed to get explosive devices onboard of three passenger aircrafts and two air freighters, demonstrated weaknesses of the international air cargo and airmail security. Ever since, postal security has gained interest among policymakers and authorities. This study augments the limited body of academic literature on the topic bydemarcating areas of postal security, identifying relevant stakeholders in each area, and investigating why these stakeholders engage in postal security. Research is based on a case study on Swiss Post’s mail service.

Keywords: Dangerous goods, mail bombs, postal security, supply chain security, theft of mail, trafficking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1683
2336 Efficient and Timely Mutual Authentication Scheme for RFID Systems

Authors: Hesham A. El Zouka, Mustafa M. Hosni

Abstract:

The Radio Frequency Identification (RFID) technology has a diverse base of applications, but it is also prone to security threats. There are different types of security attacks which limit the range of the RFID applications. For example, deploying the RFID networks in insecure environments could make the RFID system vulnerable to many types of attacks such as spoofing attack, location traceability attack, physical attack and many more. Therefore, security is often an important requirement for RFID systems. In this paper, RFID mutual authentication protocol is implemented based on mobile agent technology and timestamp, which are used to provide strong authentication and integrity assurances to both the RFID readers and their corresponding RFID tags. The integration of mobile agent technology and timestamp provides promising results towards achieving this goal and towards reducing the security threats in RFID systems.

Keywords: RFID, security, authentication protocols, privacy, agent-based architecture, time-stamp, digital signature.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1790
2335 Prototype for Enhancing Information Security Awareness in Industry

Authors: E. Kritzinger, E. Smith

Abstract:

Human-related information security breaches within organizations are primarily caused by employees who have not been made aware of the importance of protecting the information they work with. Information security awareness is accordingly attracting more attention from industry, because stakeholders are held accountable for the information with which they work. The authors developed an Information Security Retrieval and Awareness model – entitled “ISRA" – that is tailored specifically towards enhancing information security awareness in industry amongst all users of information, to address shortcomings in existing information security awareness models. This paper is principally aimed at expounding a prototype for the ISRA model to highlight the advantages of utilizing the model. The prototype will focus on the non-technical, humanrelated information security issues in industry. The prototype will ensure that all stakeholders in an organization are part of an information security awareness process, and that these stakeholders are able to retrieve specific information related to information security issues relevant to their job category, preventing them from being overburdened with redundant information.

Keywords: Information security, information security awareness, information security awareness programs

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1679
2334 A Systematic Approach for Analyzing Multiple Cyber-Physical Attacks on the Smart Grid

Authors: Yatin Wadhawan, Clifford Neuman, Anas Al Majali

Abstract:

In this paper, we evaluate the resilience of the smart grid system in the presence of multiple cyber-physical attacks on its distinct functional components. We discuss attack-defense scenarios and their effect on smart grid resilience. Through contingency simulations in the Network and PowerWorld Simulator, we analyze multiple cyber-physical attacks that propagate from the cyber domain to power systems and discuss how such attacks destabilize the underlying power grid. The analysis of such simulations helps system administrators develop more resilient systems and improves the response of the system in the presence of cyber-physical attacks.

Keywords: Smart grid, resilience, gas pipeline, cyber-physical attack, security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1028
2333 Physical Education in the Brazilian Educational Law and National Curriculum Guidelines

Authors: Aline Dessupoio Chaves, Carla N. Luguetti, Michele Viviene Carbinatto

Abstract:

The aim of this study was to establish the relationship between the principles of Educational Sport and the objectives of Physical Education in two brasilian laws: National Curriculum Guidelines (PCNs) for the Elementary and Middle School Levels and the Guidelines and Basis Legislation (LDB). The method used was the survey analysis in order to determine the practices present in, or the opinions of, a specific population. The instrument used in this research was a questionnaire. After a broad review of the bibliography and according to the methodological procedures, the aim was to set the relationships between the Principles of Educational Sport and the objectives of Physical Education, according to the Brazilian Law (LDB) and National Curriculum Guidelines (PCNs) in a table made under the analysis of a group of specialists. As the relation between the principles of Educational Sport and the objectives of School Physical Education have shown, we can state that School Physical Education has gained pedagogical security for the potential use of Educational Sport as part of its contents.

Keywords: Educational sport, physical education, education.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2894
2332 Design of Integration Security System using XML Security

Authors: Juhan Kim, Soohyung Kim, Kiyoung Moon

Abstract:

In this paper, we design an integration security system that provides authentication service, authorization service, and management service of security data and a unified interface for the management service. The interface is originated from XKMS protocol and is used to manage security data such as XACML policies, SAML assertions and other authentication security data including public keys. The system includes security services such as authentication, authorization and delegation of authentication by employing SAML and XACML based on security data such as authentication data, attributes information, assertions and polices managed with the interface in the system. It also has SAML producer that issues assertions related on the result of the authentication and the authorization services.

Keywords: XML, XML Security, XACML.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1429
2331 An Analysis of Innovative Cloud Model as Bridging the Gap between Physical and Virtualized Business Environments: The Customer Perspective

Authors: Asim Majeed, Rehan Bhana, Mak Sharma, Rebecca Goode, Nizam Bolia, Mike, Lloyd-Williams

Abstract:

This study aims to investigate and explore the underlying causes of security concerns of customers emerged when WHSmith transformed its physical system to virtualized business model through NetSuite. NetSuite is essentially fully integrated software which helps transforming the physical system to virtualized business model. Modern organisations are moving away from traditional business models to cloud based models and consequently it is expected to have a better, secure and innovative environment for customers. The vital issue of the modern age race is the security when transforming virtualized through cloud based models and designers of interactive systems often misunderstand privacy and even often ignore it, thus causing concerns for users. The content analysis approach is being used to collect the qualitative data from 120 online bloggers including TRUSTPILOT. The results and finding provide useful new insights into the nature and form of security concerns of online users after they have used the WHSmith services offered online through their website. Findings have theoretical as well as practical implications for the successful adoption of cloud computing Business-to-Business model and similar systems.

Keywords: Innovation, virtualization, cloud computing, organizational flexibility

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1755
2330 European Radical Right Parties as Actors in Securitization of Migration

Authors: Mehmet Gökay Özerim

Abstract:

This study reveals that anti-immigrant policies in Europe result from a process of securitization, and that, within this process, radical right parties have been formulating discourses and approaches through a construction process by using some common security themes. These security themes can be classified as national security, economic security, cultural security and internal security. The frequency with which radical right parties use these themes may vary according to the specific historical, social and cultural characteristics of a particular country.

Keywords: European Union, International Migration, Radical Right Parties, Securitization.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3412
2329 Security Architecture for Cloud Networking: A Survey

Authors: Vishnu Pratap Singh Kirar

Abstract:

In the cloud computing hierarchy IaaS is the lowest layer, all other layers are built over it. Thus it is the most important layer of cloud and requisite more importance. Along with advantages IaaS faces some serious security related issue. Mainly Security focuses on Integrity, confidentiality and availability. Cloud computing facilitate to share the resources inside as well as outside of the cloud. On the other hand, cloud still not in the state to provide surety to 100% data security. Cloud provider must ensure that end user/client get a Quality of Service. In this report we describe possible aspects of cloud related security.

Keywords: Cloud Computing, Cloud Networking, IaaS, PaaS, SaaS, Cloud Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2244
2328 Effective Methodology for Security Risk Assessment of Computer Systems

Authors: Daniel F. García, Adrián Fernández

Abstract:

Today, computer systems are more and more complex and support growing security risks. The security managers need to find effective security risk assessment methodologies that allow modeling well the increasing complexity of current computer systems but also maintaining low the complexity of the assessment procedure. This paper provides a brief analysis of common security risk assessment methodologies leading to the selection of a proper methodology to fulfill these requirements. Then, a detailed analysis of the most effective methodology is accomplished, presenting numerical examples to demonstrate how easy it is to use.

Keywords: Computer security, qualitative and quantitative methods, risk assessment methodologies, security risk assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3166