Context-sensitive Information security Risk identification and evaluation techniques

Dan Ionita

doi:10.1109/RE.2014.6912303

Context-sensitive Information security Risk identification and evaluation techniques

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

Abstract

The objective of my research is to improve and support the process of Information security Risk Assessment by designing a scalable Risk argumentation framework for socio-digital-technical Risk. Due to the various types of IT systems, diversity of architectures and dynamic nature of Risk, there is no one-size-fits all RA method. As such, the research hopes to identify guidelines for conducting Risk Assessments in contexts that raise special challenges such as Telecom and virtualized infrastructures. Finally, it will suggest ways of qualitatively and quantitatively evaluating Information Security Risks in such scenarios by using argumentation and/or modelling attacker business cases.

Original language	Undefined
Title of host publication	22nd IEEE International Requirements Engineering Conference (RE14)
Place of Publication	Piscataway, New Jersey
Publisher	IEEE
Pages	485-488
Number of pages	4
ISBN (Print)	978-1-4799-3033-3
DOIs	https://doi.org/10.1109/RE.2014.6912303
Publication status	Published - 25 Aug 2014
Event	22nd IEEE International Requirements Engineering Conference, RE 2014 - Karlskrona, Sweden Duration: 25 Aug 2014 → 29 Aug 2014 http://bth.se/re14

Publication series

Name
Publisher	IEEE

Conference

Conference	22nd IEEE International Requirements Engineering Conference, RE 2014
Country	Sweden
City	Karlskrona
Period	25/08/14 → 29/08/14
Internet address	http://bth.se/re14

Keywords

EWI-25121
SCS-Cybersecurity
IR-101938
EC Grant Agreement nr.: FP7/318003
METIS-306047
EC Grant Agreement nr.: FP7/2007-2013

Access to Document

10.1109/RE.2014.6912303

Cite this

@inproceedings{fc54ee5a12fe44af8a158f4aec515702,

title = "Context-sensitive Information security Risk identification and evaluation techniques",

abstract = "The objective of my research is to improve and support the process of Information security Risk Assessment by designing a scalable Risk argumentation framework for socio-digital-technical Risk. Due to the various types of IT systems, diversity of architectures and dynamic nature of Risk, there is no one-size-fits all RA method. As such, the research hopes to identify guidelines for conducting Risk Assessments in contexts that raise special challenges such as Telecom and virtualized infrastructures. Finally, it will suggest ways of qualitatively and quantitatively evaluating Information Security Risks in such scenarios by using argumentation and/or modelling attacker business cases.",

keywords = "EWI-25121, SCS-Cybersecurity, IR-101938, EC Grant Agreement nr.: FP7/318003, METIS-306047, EC Grant Agreement nr.: FP7/2007-2013",

author = "Dan Ionita",

note = "Foreground = 90% ;Type of activity = Doctoral Symposium;Main leader = UT;Type of audience = scientific community;Size of audience = 10;Countries addressed = international;; null ; Conference date: 25-08-2014 Through 29-08-2014",

year = "2014",

month = aug,

day = "25",

doi = "10.1109/RE.2014.6912303",

language = "Undefined",

isbn = "978-1-4799-3033-3",

publisher = "IEEE",

pages = "485--488",

booktitle = "22nd IEEE International Requirements Engineering Conference (RE14)",

address = "United States",

url = "http://bth.se/re14",

}

TY - GEN

T1 - Context-sensitive Information security Risk identification and evaluation techniques

AU - Ionita, Dan

N1 - Foreground = 90% ;Type of activity = Doctoral Symposium;Main leader = UT;Type of audience = scientific community;Size of audience = 10;Countries addressed = international;

PY - 2014/8/25

Y1 - 2014/8/25

N2 - The objective of my research is to improve and support the process of Information security Risk Assessment by designing a scalable Risk argumentation framework for socio-digital-technical Risk. Due to the various types of IT systems, diversity of architectures and dynamic nature of Risk, there is no one-size-fits all RA method. As such, the research hopes to identify guidelines for conducting Risk Assessments in contexts that raise special challenges such as Telecom and virtualized infrastructures. Finally, it will suggest ways of qualitatively and quantitatively evaluating Information Security Risks in such scenarios by using argumentation and/or modelling attacker business cases.

AB - The objective of my research is to improve and support the process of Information security Risk Assessment by designing a scalable Risk argumentation framework for socio-digital-technical Risk. Due to the various types of IT systems, diversity of architectures and dynamic nature of Risk, there is no one-size-fits all RA method. As such, the research hopes to identify guidelines for conducting Risk Assessments in contexts that raise special challenges such as Telecom and virtualized infrastructures. Finally, it will suggest ways of qualitatively and quantitatively evaluating Information Security Risks in such scenarios by using argumentation and/or modelling attacker business cases.

KW - EWI-25121

KW - SCS-Cybersecurity

KW - IR-101938

KW - EC Grant Agreement nr.: FP7/318003

KW - METIS-306047

KW - EC Grant Agreement nr.: FP7/2007-2013

U2 - 10.1109/RE.2014.6912303

DO - 10.1109/RE.2014.6912303

M3 - Conference contribution

SN - 978-1-4799-3033-3

SP - 485

EP - 488

BT - 22nd IEEE International Requirements Engineering Conference (RE14)

PB - IEEE

CY - Piscataway, New Jersey

Y2 - 25 August 2014 through 29 August 2014

ER -