An information systems security risk assessment model under uncertain environment

Applied Soft Computing Journal

Volumn 11, Issue 7, 2011, Pages 4332-4340

  Feng, Nan ^a   Li, Minqiang ^a  

^a TIANJIN UNIVERSITY   (China)

Author keywords

Evidence theory; Evidential consistency; Fuzzy measure; Information systems security; Risk assessment

Indexed keywords

ASSESSMENT MODELS; BASIC BELIEF ASSIGNMENT; EVIDENCE THEORIES; EVIDENTIAL CONSISTENCY; FUZZY MEASURE; FUZZY MEASURES; INDEX SYSTEMS; INDEX WEIGHT; INFORMATION SYSTEMS SECURITY; UNCERTAIN ENVIRONMENTS; UNCERTAIN EVIDENCE;

FUZZY SYSTEMS; INFORMATION SYSTEMS; RATING; RELIABILITY ANALYSIS; SECURITY OF DATA; SENSITIVITY ANALYSIS;

RISK ASSESSMENT;

EID: 79960556391     PISSN: 15684946     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.asoc.2010.06.005     Document Type: Article

References (41)

1. A. Kankanhalli, H.H. Teo, B.C.Y. Tan, and K.K. Wei An integrative study of information systems security effectiveness International Journal of Information Management 23 2 2003 139 154
2. M. Karyda, E. Kiountouzis, and S. Kokolakis Information systems security policies: a contextual perspective Computers and Security 24 3 2005 246 260 (Pubitemid 40683804)
3. D.W. Straub, and R.J. Welke Coping with systems risk: security planning models for management decision-making MIS Quarterly 22 4 1998 441 469
4. R.L. Winkler Uncertainty in probabilistic risk assessment Reliability Engineering and System Safety 54 2-3 1996 127 132 (Pubitemid 126365917)
5. R.K. Rainer, C.A. Snyder, and H.H. Carr Risk analysis for information technology Journal of Management Information Systems 8 1 1991 129 147
6. L.D. Bodin, L.A. Gordon, and M.P. Loeb Information security and risk management Communications of the ACM 51 4 2008 64 68 (Pubitemid 351530781)
7. G.V. Post, and J.D. Diltz A stochastic dominance approach to risk analysis of computer systems MIS Quarterly 10 4 2001 363 375
8. Y. Huanchun Risk evaluation model on enterprises' complex information system: a study based on the BP neural network Journal of Software 5 1 2010 99 106
9. L. Grunske, and D. Joyce Quantitative risk-based security prediction for component-based systems with explicitly modeled attack profiles Journal of Systems and Software 81 8 2008 1327 1345
10. W.G. de Ru, and J.H.P. Eloff Risk analysis modeling with the use of fuzzy logic Computers and Security 15 3 1996 239 248 (Pubitemid 126351696)
11. D. Xu, J. Sha, P. Zhang, and B. Wan Study of switch project construction risk identification evaluation and tacking based on Delphi method System Engineering Theory and Practice 20 12 2000 113 118
12. D.K. Hardman, and P. Ayton Arguments for qualitative risk assessment: the StAR risk adviser Expert Systems 14 1 2000 24 36 (Pubitemid 127647155)
13. S. Alter, and S. Sherer A general, but readily adaptable model of information system risk Communications of the AIS 14 1 2004 1 28
14. H Salmela Analysing business losses caused by information systems risk: a business process analysis approach Journal of Information Technology 23 3 2008 185 202
15. C. Fan, and Y. Yu BBN-based software project risk management Journal of Systems and Software 73 2 2004 193 203
16. Y. Hu, J. Chen, H. Jiaxing, L. Mei, and X. Kang Analyzing software system quality risk using Bayesian belief network Proceedings of the 2007 IEEE International Conference on Granular Computing 2007 93 96
17. E. Lee, Y. Park, and J. Shin Large engineering project risk management using a Bayesian belief network Expert Systems with Applications 36 3 2009 5880 5887
18. T. Zhan, and X. Wang Risk assessment for traffic information security based on fuzzy comprehensive evaluation Proceedings of the 2nd International Conference on Transportation Engineering 2009 3809 3814
19. T.R. Peltier Information Security Risk Analysis second ed. 2007 CRC Press Boca Raton
20. X. Yang, H. Luo, C. Fan, M. Chen, and S. Zhou Analysis of risk evaluation techniques on information system security Journal of Computer Applications 28 8 2008 1920 1924
21. R.P. Srivastava, and T. Mock Evidential reasoning for WebTrust assurance services Journal of Management Information Systems 16 3 2000 11 32 (Pubitemid 32716784)
22. R.P. Srivastava, and L. Liu Applications of belief functions in business decisions: a review Information Systems Frontiers 5 4 2003 359 378
23. H. Xu, Y.T. Hsia, and P. Smets A belief-function based decision support system D. Heckerman, A. Mamdani, Proceedings of the Ninth Uncertainty in Artificial Intelligence 1993 Morgan Kaufmann San Mateo, CA 535 542
24. D. Zeng, J. Xu, and G. Xu Data fusion for traffic incident detection using D-S evidence theory with probabilistic SVMs Journal of Computers 3 10 2008 36 43
25. X. Yao, J. Fu, and Z. Chen Intelligent fault diagnosis using rough set method and evidence theory for NC machine tools International Journal of Computer Integrated Manufacturing 22 5 2009 472 482
26. Z.P. Mourelatos, and J. Zhou A design optimization method using evidence theory Journal of Mechanical Design 128 4 2006 901 908 (Pubitemid 44123179)
27. H. Altincay Ensembling evidential k-nearest neighbor classifiers through multi-modal perturbation Applied Soft Computing 7 3 2007 1072 1083 (Pubitemid 46551937)
28. Z. Deng, B. Li, and J. Zhuang Image object recognition by SVMs and evidence theory Lecture Notes in Computer Science 3568 2005 560 567 (Pubitemid 41425594)
29. A.P. Dempster A generalization of Bayesian inference Journal of the Royal Statistical Society 30 1968 205 247
30. G. Shafer A Mathematical Theory of Evidence 1976 Princeton University Press Princeton
31. G. Shafer The Dempster-Shafer theory S.C. Shapiro, Encyclopedia of Artificial Intelligence 1992 John Wiley and Sons New York 330 331
32. A.L. Jousselme, D. Grenier, and E. Bosse A new distance between two bodies of evidence Information Fusion 2 1 2001 91 101 (Pubitemid 33632552)
33. R.L. Kumar, S. Park, and C. Subramaniam Understanding the value of countermeasure portfolios in information systems security Journal of Management Information Systems 25 2 2008 241 279
34. Z.S. Xu A method for priorities of triangular fuzzy number complementary judgment matrices Fuzzy Systems and Mathematics 16 1 2002 55 60
35. L. Zhou, A. Vasconcelos, and M. Nunes Supporting decision making in risk management through an evidence-based information systems project risk checklist Information Management and Computer Security 16 2 2008 166 186
36. J.W. Guan, and D.A. Bell Approximate reasoning and evidence theory Information Sciences 96 3-4 1997 207 235
37. C.K. Murphy Combining belief functions when evidence conflicts Decision Support Systems 29 1 2000 1 9
38. C.G. Jin, Y. Lin, and Z.S. Ji Application of event tree analysis based on fuzzy sets in risk analysis Journal of Dalian University of Technology 43 1 2003 97 100
39. P.P. Shenoy, and G. Shafer Axioms for probability and belief-function propagation Uncertainty in Artificial Intelligence 4 1990 169 198
40. A. Saffiotti, and E.P. Umkehrer A general tool for propagating uncertainty in valuation networks Proceedings of the Seventh National Conference on Artificial Intelligence 1991 323 331
41. G. Shafer, P.P. Shenoy, and R.P. Srivastava Auditor's assistant: a knowledge engineering tool for audit decisions Proceedings of the 1988 Touche Ross/University of Kansas Symposium on Auditing Problems 1988 61 79