Hrvatska znanstvena Sekcija img
3 gif
 O projektu
4 gif
Pregledavanje radova
Jednostavno pretraživanje
Napredno pretraživanje
Skupni podaci
Upis novih radova
Ispravci prijavljenih radova
Ostale bibliografije
Slični projekti
 Bibliografske baze podataka

Pregled bibliografske jedinice broj: 778112


Autori: Šolić, Krešimir; Očevčić, Hrvoje; Golub, Marin
Naslov: The information systems' security level assessment model based on an ontology and evidential reasoning approach
Izvornik: Computers & security (0167-4048) 55 (2014); 100-112
Vrsta rada: članak
Ključne riječi: information security model; information security; risk assessment; security control selection; security management; OWL; ontology; evidential reasoning
In the area of information technology an amount of security issues persists through time. Ongoing activities on security solutions aim to integrate existing security guidelines, best practices, security standards and existing solutions, but they often lack a knowledge base or do not involve all security issues, particularly human influence. In this paper, we presented a model that can be the basis for a novel information systems security evaluation solution. This solution should be able to cover a wide range of all possible information security issues. Our model is based on an OWL ontology for knowledge base, uses an enhanced Evidential Reasoning algorithm for mathematical calculations and possesses a simple reflex intelligent agent's algorithm as a decision supporting element. Properties for this model supervene from properties of its constructing elements. Knowledge base being built on OWL ontology is a major element of the model. It can provide high flexibility and applicability to different information systems and business organizations ; upgradeability to be up to date regarding current security issues and new threats ; and high versatility, taking into evaluation all possible aspects regarding security issues, e.g., network security, software and hardware issues, human influence, security policies and disaster recovery plans. Enhanced Evidential Reasoning algorithm is based on the Dumpster–Shafer theory and is well suited for calculations with expert's subjective judgements combining qualitative with quantitative evaluation grades. We designed an algorithm for back coupling based on a simple reflex intelligent agent for results presentation and decision support. In our work, we explained how to connect and use each of the model's constructive elements to obtain information security evaluation results. In addition, we conducted a case study with the proposed model on a small business organization. To test our model, we also used the standard qualitative risk assessment method on the same business organization in order to compare both qualitative results. Preliminary testing results have shown that the presented model could achieve its goal if it would be developed into an integrated software tool with a well-defined and up-to-date ontological knowledge base.
Izvorni jezik: ENG
Rad je indeksiran u
bazama podataka:
Current Contents Connect (CCC)
Science Citation Index Expanded (SCI-EXP) (sastavni dio Web of Science Core Collectiona)
Kategorija: Znanstveni
Znanstvena područja:
URL Internet adrese:
Broj citata:
DOI: 10.1016/j.cose.2015.08.004
URL cjelovitog teksta:
Google Scholar: The information systems' security level assessment model based on an ontology and evidential reasoning approach
Upisao u CROSBI: Krešimir Šolić (, 26. Ruj. 2015. u 11:54 sati

  Verzija za printanje   za tiskati