{"title":"应用ROI分析支持SOA信息安全投资决策","authors":"K. Buck, P. Das, D. Hanf","doi":"10.1109/THS.2008.4534478","DOIUrl":null,"url":null,"abstract":"Offering functionality and data in a secure manner poses significant challenges for Government enterprises that are embracing approaches, such as Service- Oriented Architectures (SOA), especially when there is a desire to promote information sharing across functional, organizational, or Community of Interest (COI) boundaries. Many Government organizations evaluate Implementation of security measures against the risk that a particular vulnerability will be exploited by a particular threat. Informed Information security Investment decisions are made based upon analysis of cost, benefit, schedule, performance, and risk tradeoffs. The Investment decision-making space for Information security In a web-based, service-oriented environment is explored in this paper, and methods for evaluating operational, economic and performance implications are considered. This paper discusses the value and practicality of applying Return-on-Investment (ROI) analysis for Government information security investment decision-making, especially when information sharing is a key success driver. Recommendations are based upon preliminary findings of a MITRE Mission-Oriented Investigation and Experimentation (MOIE) effort related to SOA Performance Measures Expression In Performance-Based Acquisition (PBA) Vehicles.","PeriodicalId":366416,"journal":{"name":"2008 IEEE Conference on Technologies for Homeland Security","volume":"54 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-05-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Applying ROI Analysis to Support SOA Information Security Investment Decisions\",\"authors\":\"K. Buck, P. Das, D. Hanf\",\"doi\":\"10.1109/THS.2008.4534478\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Offering functionality and data in a secure manner poses significant challenges for Government enterprises that are embracing approaches, such as Service- Oriented Architectures (SOA), especially when there is a desire to promote information sharing across functional, organizational, or Community of Interest (COI) boundaries. Many Government organizations evaluate Implementation of security measures against the risk that a particular vulnerability will be exploited by a particular threat. Informed Information security Investment decisions are made based upon analysis of cost, benefit, schedule, performance, and risk tradeoffs. The Investment decision-making space for Information security In a web-based, service-oriented environment is explored in this paper, and methods for evaluating operational, economic and performance implications are considered. This paper discusses the value and practicality of applying Return-on-Investment (ROI) analysis for Government information security investment decision-making, especially when information sharing is a key success driver. Recommendations are based upon preliminary findings of a MITRE Mission-Oriented Investigation and Experimentation (MOIE) effort related to SOA Performance Measures Expression In Performance-Based Acquisition (PBA) Vehicles.\",\"PeriodicalId\":366416,\"journal\":{\"name\":\"2008 IEEE Conference on Technologies for Homeland Security\",\"volume\":\"54 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-05-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 IEEE Conference on Technologies for Homeland Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/THS.2008.4534478\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 IEEE Conference on Technologies for Homeland Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/THS.2008.4534478","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Applying ROI Analysis to Support SOA Information Security Investment Decisions
Offering functionality and data in a secure manner poses significant challenges for Government enterprises that are embracing approaches, such as Service- Oriented Architectures (SOA), especially when there is a desire to promote information sharing across functional, organizational, or Community of Interest (COI) boundaries. Many Government organizations evaluate Implementation of security measures against the risk that a particular vulnerability will be exploited by a particular threat. Informed Information security Investment decisions are made based upon analysis of cost, benefit, schedule, performance, and risk tradeoffs. The Investment decision-making space for Information security In a web-based, service-oriented environment is explored in this paper, and methods for evaluating operational, economic and performance implications are considered. This paper discusses the value and practicality of applying Return-on-Investment (ROI) analysis for Government information security investment decision-making, especially when information sharing is a key success driver. Recommendations are based upon preliminary findings of a MITRE Mission-Oriented Investigation and Experimentation (MOIE) effort related to SOA Performance Measures Expression In Performance-Based Acquisition (PBA) Vehicles.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
