IT Confidentiality Risk Assessment for an Architecture-Based Approach

Share/Save/Bookmark

Morali, Ayse and Zambon, Emmanuele and Etalle, Sandro and Overbeek, Paul (2008) IT Confidentiality Risk Assessment for an Architecture-Based Approach. [Report]

open access
[img]
Preview
PDF
730kB
Abstract:Information systems require awareness of risks and a good understanding of vulnerabilities and their exploitations. In this paper, we propose a novel approach for the systematic assessment and analysis of confidentiality risks caused by disclosure of operational and functional information. The approach is modeldriven integrating information assets and the IT infrastructure that they rely on for distributed systems. IT infrastructures enable one to analyse risk propagation possibilities and calculate the impact for confidentiality incidents. Furthermore, depending on the monetary value of an information asset, we bridge the technical and business-oriented views of information security.
Item Type:Report
Faculty:
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:http://purl.utwente.nl/publications/64635
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page

Metis ID: 250873