{"title":"EIP风险管理的评估建模与系统设计方法","authors":"Shin-Jer Yang, Yung-Ming Hsieh, Yu-Lung Lin","doi":"10.1109/ICCT.2010.5688648","DOIUrl":null,"url":null,"abstract":"Today, the Internet technology development and their applications have become increasingly popular. Hence, the WWW technology brings the rising of Enterprise Information Portal (EIP). However, providing a secure Enterprise Information Portal is one of essential quality of services (QoS) in Internet applications. Focusing on the security of EIP, the purposes of this paper are to find out various risk facets based on ISO 27001 reference standards and the ISMS process and also utilize AHP model to validate the factors of each risk facet. It will refine and validate required factors of each risk facet through experts specialized in designing and implementing a secure EIP system. Then, we will establish a risk management assessment model of EIP and design its algorithm. Finally, we develop an evaluation system and also perform experiments to verify and validate the risk management of EIP. According to the risk value, it will refine the risk level to verify and validate the security of EIP. According to the experimental result, our proposed assessment model and evaluation system of EIP risk management can be served as the guidelines of implementing any a secure Web application.","PeriodicalId":253478,"journal":{"name":"2010 IEEE 12th International Conference on Communication Technology","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"An approach to assessment modeling and system designing of risk management in EIP\",\"authors\":\"Shin-Jer Yang, Yung-Ming Hsieh, Yu-Lung Lin\",\"doi\":\"10.1109/ICCT.2010.5688648\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Today, the Internet technology development and their applications have become increasingly popular. Hence, the WWW technology brings the rising of Enterprise Information Portal (EIP). However, providing a secure Enterprise Information Portal is one of essential quality of services (QoS) in Internet applications. Focusing on the security of EIP, the purposes of this paper are to find out various risk facets based on ISO 27001 reference standards and the ISMS process and also utilize AHP model to validate the factors of each risk facet. It will refine and validate required factors of each risk facet through experts specialized in designing and implementing a secure EIP system. Then, we will establish a risk management assessment model of EIP and design its algorithm. Finally, we develop an evaluation system and also perform experiments to verify and validate the risk management of EIP. According to the risk value, it will refine the risk level to verify and validate the security of EIP. According to the experimental result, our proposed assessment model and evaluation system of EIP risk management can be served as the guidelines of implementing any a secure Web application.\",\"PeriodicalId\":253478,\"journal\":{\"name\":\"2010 IEEE 12th International Conference on Communication Technology\",\"volume\":\"18 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 IEEE 12th International Conference on Communication Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCT.2010.5688648\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 IEEE 12th International Conference on Communication Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCT.2010.5688648","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An approach to assessment modeling and system designing of risk management in EIP
Today, the Internet technology development and their applications have become increasingly popular. Hence, the WWW technology brings the rising of Enterprise Information Portal (EIP). However, providing a secure Enterprise Information Portal is one of essential quality of services (QoS) in Internet applications. Focusing on the security of EIP, the purposes of this paper are to find out various risk facets based on ISO 27001 reference standards and the ISMS process and also utilize AHP model to validate the factors of each risk facet. It will refine and validate required factors of each risk facet through experts specialized in designing and implementing a secure EIP system. Then, we will establish a risk management assessment model of EIP and design its algorithm. Finally, we develop an evaluation system and also perform experiments to verify and validate the risk management of EIP. According to the risk value, it will refine the risk level to verify and validate the security of EIP. According to the experimental result, our proposed assessment model and evaluation system of EIP risk management can be served as the guidelines of implementing any a secure Web application.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
