Context-sensitive Information security Risk identification and evaluation techniques

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    Abstract

    The objective of my research is to improve and support the process of Information security Risk Assessment by designing a scalable Risk argumentation framework for socio-digital-technical Risk. Due to the various types of IT systems, diversity of architectures and dynamic nature of Risk, there is no one-size-fits all RA method. As such, the research hopes to identify guidelines for conducting Risk Assessments in contexts that raise special challenges such as Telecom and virtualized infrastructures. Finally, it will suggest ways of qualitatively and quantitatively evaluating Information Security Risks in such scenarios by using argumentation and/or modelling attacker business cases.
    Original languageUndefined
    Title of host publication22nd IEEE International Requirements Engineering Conference (RE14)
    Place of PublicationPiscataway, New Jersey
    PublisherIEEE
    Pages485-488
    Number of pages4
    ISBN (Print)978-1-4799-3033-3
    DOIs
    Publication statusPublished - 25 Aug 2014
    Event22nd IEEE International Requirements Engineering Conference, RE 2014 - Karlskrona, Sweden
    Duration: 25 Aug 201429 Aug 2014
    http://bth.se/re14

    Publication series

    Name
    PublisherIEEE

    Conference

    Conference22nd IEEE International Requirements Engineering Conference, RE 2014
    CountrySweden
    CityKarlskrona
    Period25/08/1429/08/14
    Internet address

    Keywords

    • EWI-25121
    • SCS-Cybersecurity
    • IR-101938
    • EC Grant Agreement nr.: FP7/318003
    • METIS-306047
    • EC Grant Agreement nr.: FP7/2007-2013

    Cite this