Abstract
In previous work, we presented a quantitative cyber security risk assessment model that quantifies the security of a system in financial terms. Our model assesses the cost of the failure of an information system security with regards to threats dimensions. In this assessment, we consider that the threats world can be divided into several threats dimensions and perspectives. In this paper, we discuss the specification and design of an automated tool that manage and maintains information that pertains to estimating the security risk supported by our risk assessment model.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
ISO/IEC 17799: (E), Information technology—Security techniques—Code of practice for information security management (2005)
Kwok, L., Dennis Longley, D.: Information security management and modeling. Inf. Manage. Comput. Secur. 7, 30–40 (1999)
NIST SP 800-53: Information Security Handbook: A Guide for Managers (2006)
National Institute of Standards and Technology, Information Security - Guide for Conducting Risk Assessments (2002)
Stoneburner, G., Goguen, A., Feringa, A.: Risk management guide for information technology systems: Recommendations of the national institute of standards and technology. National Institute of Standards and Technology (NIST) Special Publication 800-30, U.S. Government Printing Office (2001)
Aissa, A.B., Abercrombie, R.K., Sheldon, F.T., Mili, A.: Quantifying security threats and their potential impacts: a case study. ISSE 6(4), 269–281 (2010)
Mayer, N.: Model-based management of information system security risk. Ph.D. Thesis (2009)
Avizienis, A., Laprie, J.C., Randell, B.: Dependability and its threats: a taxonomy. In: IFIP Congress Topical Sessions, pp. 91–120 (2004)
Jouini, M., Ben Arfa Rabai, L.: A Security Risk Management Model for Cloud Computing Systems: Infrastructure as a Service. SpaCCS 2017, pp. 594–608 (2017)
Jouini, M., Ben Arfa Rabai, L., Khédri, R.: A multidimensional approach towards a quantitative assessment of security threats. ANT/SEIT 2015, pp. 507–514 (2015)
Jouini, M., Ben Arfa Rabai, L.: A security framework for secure cloud computing environments. IJCAC 6(3), 32–44 (2016)
Jouini, M., Ben Arfa Rabai, L.: A multi-dimensional mean failure cost model to enhance security of cloud computing systems. IJERTCS 7(2), 1–14 (2016)
Goettelmann, E., Dahman, K., Gateau, B., Dubois, E., Godart, C.: A security risk assessment model for business process deployment in the cloud, SCC. IEEE, pp. 307–314 (2014)
Zhao, X., Dai, M., Ren, S., Li, L., Duan, Z.: Risk assessment model of information security for transportation industry system based on risk matrix. Appl. Math. Inf. Sci. 3, 1301–1306 (2014)
White, J.M.: Security Risk Assessment Managing Physical and Operational Security (2014)
Sun, L., Srivastava, R.P., Mock, T.J.: An information systems security risk assessment model under dempsterschafer theory of belief functions. J. Manage. Inf. Syst. 22(4), 109–142 (2006)
Nincic, D.J., Bruce, C.: The utility of risk assessment tools in maritime security analysis. http://iamu-edu.org/wp-content/uploads/2014/07/28_TheUtilityofRisk.pdf
Daly, J.C.K.: Al-Qaeda and maritime terrorism, part I, The Terrorism Monitor, Jamestown Foundation (2003)
Richardson, M.: A time bomb for global trade: Maritime-related terrorism in an age of weapons of mass destruction, Viewpoints, Institute of South East Asian Studies (2004)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Jouini, M., Ben Arfa Rabai, L., Khedri, R. (2019). Software Requirements for an Ultra Large Scale System to Compute Multi Dimension Mean Failure Cost. In: Park, J., Shen, H., Sung, Y., Tian, H. (eds) Parallel and Distributed Computing, Applications and Technologies. PDCAT 2018. Communications in Computer and Information Science, vol 931. Springer, Singapore. https://doi.org/10.1007/978-981-13-5907-1_39
Download citation
DOI: https://doi.org/10.1007/978-981-13-5907-1_39
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-5906-4
Online ISBN: 978-981-13-5907-1
eBook Packages: Computer ScienceComputer Science (R0)