Risk analysis for electronic commerce using case-based reasoning

Intell. Syst. Account. Finance Manag. Pub Date : 1999-03-01 DOI:10.1002/(SICI)1099-1174(199903)8:1%3C61::AID-ISAF156%3E3.0.CO;2-6

C. Jung, Ingoo Han, Bomil Suh

{"title":"Risk analysis for electronic commerce using case-based reasoning","authors":"C. Jung, Ingoo Han, Bomil Suh","doi":"10.1002/(SICI)1099-1174(199903)8:1%3C61::AID-ISAF156%3E3.0.CO;2-6","DOIUrl":null,"url":null,"abstract":"Electronic commerce (EC) appears to be essential for an organization’s survival and growth. Then the security of the EC systems, which ensures authorized and correct transaction processing, becomes one of the most critical issues in implementing the systems. The analysis of risk that a system faces is the core part of security management since risk analysis can identify the principal assets, the threats and the vulnerabilities of those assets, and the risks confronting the assets. This study intends to develop a risk analysis system in an EC environment using the case-based reasoning (CBR) technique. The process of the proposed system is composed of four steps: initial data collection, asset evaluation, threat and vulnerability evaluation, and result generation of risk analysis. This process follows the traditional risk analysis process. This system employs the casebase of past analyses and security accidents. Although some studies introduced several case-based systems for risk analysis of traditional information system, none of them is under an EC environment. The proposed system is the first to apply the CBR technique for risk analysis of an EC system. Copyright © 1999 John Wiley & Sons, Ltd.","PeriodicalId":153549,"journal":{"name":"Intell. Syst. Account. Finance Manag.","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1999-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"69","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Intell. Syst. Account. Finance Manag.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/(SICI)1099-1174(199903)8:1%3C61::AID-ISAF156%3E3.0.CO;2-6","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 69

Abstract

Electronic commerce (EC) appears to be essential for an organization’s survival and growth. Then the security of the EC systems, which ensures authorized and correct transaction processing, becomes one of the most critical issues in implementing the systems. The analysis of risk that a system faces is the core part of security management since risk analysis can identify the principal assets, the threats and the vulnerabilities of those assets, and the risks confronting the assets. This study intends to develop a risk analysis system in an EC environment using the case-based reasoning (CBR) technique. The process of the proposed system is composed of four steps: initial data collection, asset evaluation, threat and vulnerability evaluation, and result generation of risk analysis. This process follows the traditional risk analysis process. This system employs the casebase of past analyses and security accidents. Although some studies introduced several case-based systems for risk analysis of traditional information system, none of them is under an EC environment. The proposed system is the first to apply the CBR technique for risk analysis of an EC system. Copyright © 1999 John Wiley & Sons, Ltd.

查看原文本刊更多论文

基于案例推理的电子商务风险分析

电子商务(EC)对于一个组织的生存和发展似乎是必不可少的。电子商务系统的安全性是电子商务系统实现过程中最关键的问题之一，它保证了电子商务系统的交易处理是合法的、正确的。系统面临的风险分析是安全管理的核心部分，因为风险分析可以识别主要资产，这些资产的威胁和脆弱性，以及资产面临的风险。本研究旨在利用案例推理(CBR)技术，开发一个电子商务环境下的风险分析系统。该系统的过程由初始数据收集、资产评估、威胁和脆弱性评估以及风险分析结果生成四个步骤组成。这个过程遵循传统的风险分析过程。本系统采用了以往的分析案例和安全事故案例。虽然有研究介绍了几种基于案例的传统信息系统风险分析系统，但没有一种是在电子商务环境下进行的。该系统首次将CBR技术应用于电子商务系统的风险分析。版权所有©1999 John Wiley & Sons, Ltd

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Intell. Syst. Account. Finance Manag.

自引率

0.00%

发文量