Browse > Article

The Evaluation-based CBR Model for Security Risk Analysis  

Bang, Young-Hwan (한국과학기술정보연구원 바이오인포매틱스팀)
Lee, Gang-Soo (한남대학교 컴퓨터공학과)
Publication Information
Journal of KIISE:Computer Systems and Theory / v.34, no.7, 2007 , pp. 282-287 More about this Journal
Abstract
Information society is dramatically developing in the various areas of finance, trade, medical service, energy, and education using information system. Evaluation for risk analysis should be done before security management for information system and security risk analysis is the best method to safely prevent it from occurrence, solving weaknesses of information security service. In this paper, Modeling it did the evaluation-base CBD function it will be able to establish the evaluation plan of optimum. Evaluation-based CBD(case-based reasoning) functions manages a security risk analysis evaluation at project unit. it evaluate the evaluation instance for beginning of history degree of existing. It seeks the evaluation instance which is similar and Result security risk analysis evaluation of optimum about under using planning.
Keywords
Risk Analysis; Evaluation Case-Based Reasoning;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Hoh Peter In, Young-Gab Kim, Taek Lee, Chang- Joo Moon, Yoonjung Jung, Injung Kim, 'Security Risk Analysis Model for Information Systems,' LNCS 3398, Systems Modeling and Simulation: Theory and Applications: Third Asian Simulation
2 CSE, 'A Guide to Security Risk Management for IT Systems,' Government of Canada, Communications Security Establishment(CSE),' 1996
3 Young- Hwan Bang, YoonJung Jung, Injung Kim, Namhoon Lee, GangSoo Lee, 'The Design and Development for Risk Analysis Automatic Tool,' ICCSA2004, LNCS 3043, pp. 491-499, 2004
4 ISO/IEC 14598-1, 'IT-Software product evaluation, Part 1. General overview,' 1997. 3
5 Ellis Horowitz, Sartaj Sahni, Fundamentals of Computer Algorithms, Computer Science Press Inc. Computer Software Engineering Series, pp. 198-200
6 OCTAVE, 'OCATVE Criteria, Version 2.0,' Carnegie Mellon Software Engineering Institute(2001. 12), OCATVE Method Implementation Guide Version 2.0, OCTAVE, 2001. 6, http://www.sei.cmu.edu/publications/ pubweb.html
7 FIPS-191, 'Specifications for Guideline for The Analysis Local Area Network Security,' NIST, Nov. 1994
8 A. Finkelstein et al. (ed.), 'Software Process Modeling and Technology,' John Wiley&Sons, 1994
9 OCTAVE, 'OCATVE Criteria, Version 2.0,' Carnegie Mellon Software Engineering Institute(2001. 12), OCATVE Method Implementation Guide Version 2.0, OCTAVE, 2001. 6, http://www.sei.cmu.edu/publications/pubweb.html
10 SSE-CMM, 'Project, Systems Security Engineering Capability Maturity Model (SSE-CMM) - Model Description Document,' V.2, http://www.sse-crnm.org, 1999. 4. 1