会议专题

A Business Process-based Risk Evaluation Framework

  To present the essence of information system risk evaluation and improve the effect of evaluation,the paper puts forward a business process-based information system risk evaluation after analyzing the current risk evaluation methods.The framework begins with the description of business process in perspective of information security and then analyzes and assesses the business activities.The risk-control evaluation of business activities is brought forward and the optional security control measures are comprehensively evaluated so as to ensure security of business activities.The framework focuses on business process activities so that information system assets,their vulnerabilities and threats are associated and evaluation of isolated and meaningless assets is avoided.

Business Process Business Activity Information Security Risk Evaluation

Zhiwei Yu

Ningbo Institute of Technology, Zhejiang University, Ningbo, China

国际会议

the 2011 International Conference on Frontiers of Manufacturing Science and Measuring Technology (第一届制造科学与检测技术国际会议(ICFMM2011))

重庆

英文

1024-1028

2011-06-23(万方平台首次上网日期,不代表论文的发表时间)