A. R. Otero, G. Tejay, L. D. Otero, A. Ruiz-Torres
{"title":"基于模糊逻辑的组织信息安全控制评估","authors":"A. R. Otero, G. Tejay, L. D. Otero, A. Ruiz-Torres","doi":"10.1109/ICOS.2012.6417640","DOIUrl":null,"url":null,"abstract":"For organizations, security of information is eminent as threats of information security incidents that could impact the information continue to increase. Alarming facts within the literature support the current lack of adequate information security practices and prompt for identifying additional methods to help organizations in protecting their sensitive and critical information. Research efforts shows inadequacies within traditional ISC assessment methodologies that do not promote an effective assessment, prioritization, and, therefore, implementation of ISC in organizations. This research-in-progress relates to the development of a tool that can accurately prioritize ISC in organizations. The tool uses fuzzy set theory to allow for a more accurate assessment of imprecise parameters than traditional methodologies. We argue that evaluating information security controls using fuzzy set theory leads to a more detailed and precise assessment and, therefore, supports an effective selection of information security controls in organizations.","PeriodicalId":319770,"journal":{"name":"2012 IEEE Conference on Open Systems","volume":"86 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"A fuzzy logic-based information security control assessment for organizations\",\"authors\":\"A. R. Otero, G. Tejay, L. D. Otero, A. Ruiz-Torres\",\"doi\":\"10.1109/ICOS.2012.6417640\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"For organizations, security of information is eminent as threats of information security incidents that could impact the information continue to increase. Alarming facts within the literature support the current lack of adequate information security practices and prompt for identifying additional methods to help organizations in protecting their sensitive and critical information. Research efforts shows inadequacies within traditional ISC assessment methodologies that do not promote an effective assessment, prioritization, and, therefore, implementation of ISC in organizations. This research-in-progress relates to the development of a tool that can accurately prioritize ISC in organizations. The tool uses fuzzy set theory to allow for a more accurate assessment of imprecise parameters than traditional methodologies. We argue that evaluating information security controls using fuzzy set theory leads to a more detailed and precise assessment and, therefore, supports an effective selection of information security controls in organizations.\",\"PeriodicalId\":319770,\"journal\":{\"name\":\"2012 IEEE Conference on Open Systems\",\"volume\":\"86 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 IEEE Conference on Open Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICOS.2012.6417640\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE Conference on Open Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICOS.2012.6417640","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A fuzzy logic-based information security control assessment for organizations
For organizations, security of information is eminent as threats of information security incidents that could impact the information continue to increase. Alarming facts within the literature support the current lack of adequate information security practices and prompt for identifying additional methods to help organizations in protecting their sensitive and critical information. Research efforts shows inadequacies within traditional ISC assessment methodologies that do not promote an effective assessment, prioritization, and, therefore, implementation of ISC in organizations. This research-in-progress relates to the development of a tool that can accurately prioritize ISC in organizations. The tool uses fuzzy set theory to allow for a more accurate assessment of imprecise parameters than traditional methodologies. We argue that evaluating information security controls using fuzzy set theory leads to a more detailed and precise assessment and, therefore, supports an effective selection of information security controls in organizations.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
