Risk Analysis Methodology for New Critical Information Infrastructure

2008 Third International Conference on Systems and Networks Communications Pub Date : 2008-10-26 DOI:10.1109/ICSNC.2008.72

Jun Heo, Jong-Whoi Shin, Wansuk Lee, Yoojae Won

{"title":"Risk Analysis Methodology for New Critical Information Infrastructure","authors":"Jun Heo, Jong-Whoi Shin, Wansuk Lee, Yoojae Won","doi":"10.1109/ICSNC.2008.72","DOIUrl":null,"url":null,"abstract":"In Korea, hacking, computer viruses, such as infringement on electronic systems for protecting Critical Information Infrastructure from the law was enacted. Every year, Specified facilities that Critical Information Infrastructure are analysed system risks and will be submitted to Central Government. This research intends to provide IT service attributes to take into account the methodology that predicts the security of Critical Information Infrastructure. The service provider who wants to offer the new Critical Information Infrastructure service needs to secure appropriate security measures based on threat and vulnerability analysis from IT service attributes and the service planning stage. However, it is difficult to use existing risk methodologies that perform threat analysis as the one that allows Service attributes This paper propose the information security framework that figures out security threats at the new IT Critical Information Infrastructure service planning stage, and easily identifies relevancy between security technologies and IT service attributes.","PeriodicalId":105399,"journal":{"name":"2008 Third International Conference on Systems and Networks Communications","volume":"276 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 Third International Conference on Systems and Networks Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSNC.2008.72","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

In Korea, hacking, computer viruses, such as infringement on electronic systems for protecting Critical Information Infrastructure from the law was enacted. Every year, Specified facilities that Critical Information Infrastructure are analysed system risks and will be submitted to Central Government. This research intends to provide IT service attributes to take into account the methodology that predicts the security of Critical Information Infrastructure. The service provider who wants to offer the new Critical Information Infrastructure service needs to secure appropriate security measures based on threat and vulnerability analysis from IT service attributes and the service planning stage. However, it is difficult to use existing risk methodologies that perform threat analysis as the one that allows Service attributes This paper propose the information security framework that figures out security threats at the new IT Critical Information Infrastructure service planning stage, and easily identifies relevancy between security technologies and IT service attributes.

查看原文本刊更多论文

新型关键信息基础设施的风险分析方法

在韩国，为了保护关键信息基础设施(ict)，制定了黑客攻击、电脑病毒侵害等电子系统的法律。每年，政府都会对关键资讯基建的指定设施进行系统风险分析，并提交给中央政府。本研究旨在提供IT服务属性，以考虑预测关键信息基础设施安全性的方法。希望提供新的关键信息基础设施服务的服务提供者需要根据来自IT服务属性和服务规划阶段的威胁和漏洞分析，确保适当的安全措施。本文提出了在新的it关键信息基础设施服务规划阶段识别安全威胁的信息安全框架，并能轻松识别安全技术与it服务属性之间的相关性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2008 Third International Conference on Systems and Networks Communications

自引率

0.00%

发文量