A comprehensive framework for comparing system security risk assessment methods

Tianxi Dong; Surya B. Yadav

A comprehensive framework for comparing system security risk assessment methods

Tianxi Dong, Surya B. Yadav

Business Administration

Research output: Contribution to conference › Paper

1 Scopus citations

Abstract

With the increasing importance of system security risk assessment, a number of system security risk assessment methods or models have already appeared and more are emerging every day. Therefore it is difficult for organizations to select a method that best suits their requirements. The difficulty of selection drives the need toward a comparative framework to evaluate system security risk assessment methods. In the underlying research-in-progress paper we propose a comprehensive framework for comparing system security assessment methods. Unlike most of the existing comparative framework, the proposed framework covers the whole process of system security risk assessment based on the evaluation criteria of completeness and effectiveness. In our future research, three current system security risk assessment methods will be evaluated using the proposed comparative framework. This framework will highlight the strengths and weaknesses of the methods compared.

Original language	English
State	Published - 2014
Event	20th Americas Conference on Information Systems, AMCIS 2014 - Savannah, GA, United States Duration: Aug 7 2014 → Aug 9 2014

Conference

Conference	20th Americas Conference on Information Systems, AMCIS 2014
Country	United States
City	Savannah, GA
Period	08/7/14 → 08/9/14

Keywords

Comparative framework
SSR assessment method
System security risk assessment

Access to Document

Link to publication in Scopus

Fingerprint Dive into the research topics of 'A comprehensive framework for comparing system security risk assessment methods'. Together they form a unique fingerprint.

Cite this

Dong, T., & Yadav, S. B. (2014). A comprehensive framework for comparing system security risk assessment methods. Paper presented at 20th Americas Conference on Information Systems, AMCIS 2014, Savannah, GA, United States.

@conference{e57916eb2bac4a2ea445e544415b003b,

title = "A comprehensive framework for comparing system security risk assessment methods",

abstract = "With the increasing importance of system security risk assessment, a number of system security risk assessment methods or models have already appeared and more are emerging every day. Therefore it is difficult for organizations to select a method that best suits their requirements. The difficulty of selection drives the need toward a comparative framework to evaluate system security risk assessment methods. In the underlying research-in-progress paper we propose a comprehensive framework for comparing system security assessment methods. Unlike most of the existing comparative framework, the proposed framework covers the whole process of system security risk assessment based on the evaluation criteria of completeness and effectiveness. In our future research, three current system security risk assessment methods will be evaluated using the proposed comparative framework. This framework will highlight the strengths and weaknesses of the methods compared.",

keywords = "Comparative framework, SSR assessment method, System security risk assessment",

author = "Tianxi Dong and Yadav, {Surya B.}",

year = "2014",

language = "English",

note = "null ; Conference date: 07-08-2014 Through 09-08-2014",

}

TY - CONF

T1 - A comprehensive framework for comparing system security risk assessment methods

AU - Dong, Tianxi

AU - Yadav, Surya B.

PY - 2014

Y1 - 2014

N2 - With the increasing importance of system security risk assessment, a number of system security risk assessment methods or models have already appeared and more are emerging every day. Therefore it is difficult for organizations to select a method that best suits their requirements. The difficulty of selection drives the need toward a comparative framework to evaluate system security risk assessment methods. In the underlying research-in-progress paper we propose a comprehensive framework for comparing system security assessment methods. Unlike most of the existing comparative framework, the proposed framework covers the whole process of system security risk assessment based on the evaluation criteria of completeness and effectiveness. In our future research, three current system security risk assessment methods will be evaluated using the proposed comparative framework. This framework will highlight the strengths and weaknesses of the methods compared.

AB - With the increasing importance of system security risk assessment, a number of system security risk assessment methods or models have already appeared and more are emerging every day. Therefore it is difficult for organizations to select a method that best suits their requirements. The difficulty of selection drives the need toward a comparative framework to evaluate system security risk assessment methods. In the underlying research-in-progress paper we propose a comprehensive framework for comparing system security assessment methods. Unlike most of the existing comparative framework, the proposed framework covers the whole process of system security risk assessment based on the evaluation criteria of completeness and effectiveness. In our future research, three current system security risk assessment methods will be evaluated using the proposed comparative framework. This framework will highlight the strengths and weaknesses of the methods compared.

KW - Comparative framework

KW - SSR assessment method

KW - System security risk assessment

UR - http://www.scopus.com/inward/record.url?scp=84905980484&partnerID=8YFLogxK

M3 - Paper

AN - SCOPUS:84905980484

Y2 - 7 August 2014 through 9 August 2014

ER -