Quantitative Information Security Risk Assessment Model for University Computing Environment

2016 International Conference on Information Technology (ICIT) Pub Date : 2016-12-01 DOI:10.1109/ICIT.2016.026

Chanchala Joshi, U. Singh

{"title":"Quantitative Information Security Risk Assessment Model for University Computing Environment","authors":"Chanchala Joshi, U. Singh","doi":"10.1109/ICIT.2016.026","DOIUrl":null,"url":null,"abstract":"Today's universities are on the forefront of technological advancement which makes University's computing environment vulnerable because of its large open networks. This paper analyzed the security threats specifically evolve in University's network, and with consideration of these issues, proposed risk assessment framework for University computing environment. The proposed framework reduces the risk of security breach by supporting three phase activities, the first phase assesses the threats and vulnerabilities in order to identify the weak point in educational environment, the second phase focuses on the highest risk and create actionable remediation plan, the third phase of risk assessment model recognizes the vulnerability management compliance requirement in order to improve University's security position. The proposed framework is applied on Vikram University Ujjain India's, computing environment and the evaluation result showed the proposed framework enhances the security level of University campus network. This model can be used by risk analyst and security manager of University to perform reliable and repeatable risk analysis in realistic and affordable manner.","PeriodicalId":220153,"journal":{"name":"2016 International Conference on Information Technology (ICIT)","volume":"70 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 International Conference on Information Technology (ICIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIT.2016.026","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

Today's universities are on the forefront of technological advancement which makes University's computing environment vulnerable because of its large open networks. This paper analyzed the security threats specifically evolve in University's network, and with consideration of these issues, proposed risk assessment framework for University computing environment. The proposed framework reduces the risk of security breach by supporting three phase activities, the first phase assesses the threats and vulnerabilities in order to identify the weak point in educational environment, the second phase focuses on the highest risk and create actionable remediation plan, the third phase of risk assessment model recognizes the vulnerability management compliance requirement in order to improve University's security position. The proposed framework is applied on Vikram University Ujjain India's, computing environment and the evaluation result showed the proposed framework enhances the security level of University campus network. This model can be used by risk analyst and security manager of University to perform reliable and repeatable risk analysis in realistic and affordable manner.

查看原文本刊更多论文

面向高校计算环境的信息安全风险定量评估模型

当今的大学处于技术进步的前沿，由于其庞大的开放网络，使得大学的计算环境变得脆弱。本文具体分析了高校网络中存在的安全威胁，并针对这些问题提出了高校计算环境的风险评估框架。建议的框架通过支持三个阶段的活动来降低安全漏洞的风险，第一阶段评估威胁和漏洞，以识别教育环境中的弱点，第二阶段关注最高风险并创建可操作的补救计划，第三阶段风险评估模型识别漏洞管理合规性要求，以提高大学的安全地位。将该框架应用于印度维克拉姆大学的计算环境，评估结果表明，该框架提高了大学校园网的安全水平。该模型可为高校风险分析人员和安全管理人员提供可靠、可重复、现实、经济的风险分析。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 International Conference on Information Technology (ICIT)

自引率

0.00%

发文量