Paper Info
Title
Model-Based Risk Assessment to Improve Enterprise Security
Abstract
The main objective of the CORAS project is to provide methods and tools for precise, unambiguous, and efficient risk assessment of security critical systems. To this end, we advocate a model-based approach to risk assessment, and this paper attempts to define the required models for this.Where as traditional risk assessment is performed without any formal description of the target of evaluation or results of the risk assessment, CORAS aims to provide well defined set of models well suited to (1) describe the target of assessment at the right level of abstraction, (2) as a medium for communication between different groups of stakeholders involved in a risk assessment, and (3) to document risk assessment results and the assumptions on which these results depend.We propose here models for each step in a risk assessment process and report results of use.
Year
DOI
Venue
2002
10.1109/EDOC.2002.1137696
EDOC
Keywords
Field
DocType
model-based risk assessment,risk assessment process,efficient risk assessment,model-based approach,coras project,different group,risk assessment result,traditional risk assessment,formal description,risk assessment,improve enterprise security,main objective,informatics,unified modeling language,security,telecommunications,risk analysis,risk management,enterprise security,failure analysis
Data mining,Systems engineering,Risk analysis (business),Risk management plan,Computer science,Risk assessment,Quantitative risk assessment software,Risk analysis (engineering),Risk management,IT risk management,Enterprise information security architecture,Factor analysis of information risk
Conference
ISBN
Citations 
PageRank 
0-7695-1742-0
45
2.86
References 
Authors
4
7
Name
Order
Citations
PageRank
Jan Øyvind Aagedal120222.74
Folker den Braber2665.53
Theodosis Dimitrakos331134.64
Bjørn Axel Gran414318.25
Dimitris Raptis5745.57
Ketil Stølen666973.05
den Braber, F.7493.44