| Συγγραφείς: | Gritzalis D., Karyda M., Gymnopoulos L. |
|---|
| Τίτλος: | Elaborating Quantitative Approaches for IT Security Evaluation |
|---|
| Συνέδριο: | 17th International Conference on Information Security (SEC 2002) |
|---|
| Editors: | M. Adeeb Ghonaimy, Mahmoud T. El-Hadidi, and Heba K. Aslan |
|---|
| Ed: | Όχι |
|---|
| Eds: | Ναι |
|---|
| Σελίδες: | 67-77 |
|---|
| Να εμφανιστεί: | Όχι |
|---|
| Μήνας: | Μάιος |
|---|
| Έτος: | 2002 |
|---|
| Τόπος: | Cairo, Egypt |
|---|
| Εκδότης: | Kluwer Academic Publishers |
|---|
| Δεσμός: | |
|---|
| Όνομα αρχείου: | B3.pdf##^^&&15326042.pdf |
|---|
| Περίληψη: | Information Systems security evaluation is a sine qua non requirement for effective IT security management, as well as for establishing trust among different but cooperating business partners. This paper initially provides a critical review of traditionally applied evaluation and certification schemes. Based upon this review, the paper stresses the need for an approach that is quantitative in nature and can address the problem of IS operational security. Then, such an approach is presented, mainly based on an existing complex of models (CEISOQ) for evaluating IS operation quality. It is argued that there are certain benefits if this approach is applied in combination with the traditional qualitative ones. |
|---|
English