Two-Dimensional Qualitative Asset Analysis Method based on Business Process-Oriented Asset Evaluation |
Eom, Jung-Ho
(Department of Information and Communication Engineering, Sungkyunkwan University)
Park, Seon-Ho (Department of Information and Communication Engineering, Sungkyunkwan University) Kim, Tae-Kyung (Department of Information and Communication Engineering, Sungkyunkwan University) Chung, Tai-Myoung (Department of Information and Communication Engineering, Sungkyunkwan University) |
1 | ISO/IEC TR 13335 (Part 1): Concepts and Models for IT Security, ISO/IEC JTC1/SC 27, 1996 |
2 | ISO/IEC TR 13335 (Part 2): Managing and Planning IT Security, ISO/IEC JTC1/SC 27, 1997 |
3 | ISO/IEC TR 13335 (Part 3): Techniques for the Management of IT Security, ISO/IEC JTC1/SC 27, 1997 |
4 | NIST Special Publication 800-30: Computer Security-Risk Management Guide, NIST, 2001 |
5 | B. D. Jenkins, 'Security risk analysis and management' Countermeasures, Inc, 1998 |
6 | BS 7799-Guide to Risk Assessment and Risk management, BSI, 1998 |
7 | Christopher J. Alberts et al, 'OCTAVE: Operationally Critical Threat, Asset, and Vulnerability Evaluation, Software Engineering Institute Carnegie Mellon, 1999 |
8 | CSE MG-3: A Guide to Risk Assessment and Safeguard Selection For Information Technology Systems, Communications Security Establishment, January 1996 |
9 | Bingyang Zhou, 'Risk Analysis and Assessment using Object-Oriented Techniques', IEEE Computer Society, Volume 137255, pp. 42-145, 1999 |
10 | James W. Freeman et al, 'Risk Assessment for Large Heterogeneous Systems', IEEE Computer Security Applications, Volume 60412, pp. 44-53, 1997 |
11 | Frank J. Groen, et al, 'QRAS-The Quantitative Risk Assessment System', IEEE Reliability and Maintainability Symposium, Volume 21871, pp. 349-355, 2002 |
12 | Risk Analysis and Management Standards for Public Information Systems Security-Concepts and Models, TTA-Korea, 1998 |
13 | Risk Analysis and Management Standards for Public Information Systems Security-Risk Analysis, TTAKorea, 2000 |
14 | Jung Ho Eom, Sang Hoon Lee and Tai M. Chung, 'A study on the Simplified Cost-Benefit Analysis to Select Safeguards against Risks in the Risk Management, SAM 2002, pp. 292-297, June, 2002 |