{"title":"A review of cyber security risk assessment for web systems during its deployment and operation","authors":"Manh-Tuan Nguyen, Thi-Huong-Giang Vu","doi":"10.32913/mic-ict-research.v2023.n1.1089","DOIUrl":null,"url":null,"abstract":"This paper presents the state of the art in security risk assessment of web systems. The process of assessing security risks and the process of developing and operating information systems in general, and web systems in particular, are depicted step by step, showing how the risk assessment is performed during the deployment and the operation of web systems. Based on this analysis, different methods related to manual and automatic risk assessment are reviewed, focusing on the methods using probability theory and Bayesian networks. The techniques developed for quantitative and qualitative assessment are presented and compared in terms of their objectives, scopes, and results to identify their advantages and limits. Finally, the approaches dedicated to assessing the risks of web systems are presented.","PeriodicalId":432355,"journal":{"name":"Research and Development on Information and Communication Technology","volume":"33 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-03-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Research and Development on Information and Communication Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.32913/mic-ict-research.v2023.n1.1089","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A review of cyber security risk assessment for web systems during its deployment and operation
This paper presents the state of the art in security risk assessment of web systems. The process of assessing security risks and the process of developing and operating information systems in general, and web systems in particular, are depicted step by step, showing how the risk assessment is performed during the deployment and the operation of web systems. Based on this analysis, different methods related to manual and automatic risk assessment are reviewed, focusing on the methods using probability theory and Bayesian networks. The techniques developed for quantitative and qualitative assessment are presented and compared in terms of their objectives, scopes, and results to identify their advantages and limits. Finally, the approaches dedicated to assessing the risks of web systems are presented.