EEMCS
Home > Publications
Home University of Twente
Education
Research
Prospective Students
Jobs
Publications
Intranet (internal)
 
 Nederlands
 Contact
 Sitemap
 Search
 Organisation

EEMCS EPrints Service


11953 IT Confidentiality Risk Assessment for an Architecture-Based Approach
 Home Policy Brochure Browse Search User Area Contact Help

Morali, A. and Zambon, Emmanuele and Etalle, S. and Overbeek, P. (2008) IT Confidentiality Risk Assessment for an Architecture-Based Approach. Technical Report TR-CTIT-08-05, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625

Full text available as:

PDF
 - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
714 Kb
Exported to Metis

Abstract

Information systems require awareness of risks and a good understanding of vulnerabilities and their exploitations. In this paper, we propose a novel approach for the systematic assessment and analysis of confidentiality risks caused by disclosure of operational and functional information. The approach is modeldriven integrating information assets and the IT infrastructure that they rely on for distributed systems. IT infrastructures enable one to analyse risk propagation possibilities and calculate the impact for confidentiality incidents. Furthermore, depending on the monetary value of an information asset, we bridge the technical and business-oriented views of information security.

Item Type:Internal Report (Technical Report)
Research Group:EWI-DIES: Distributed and Embedded Security, EWI-IS: Information Systems
Research Program:CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:VRIEND: Value-Based Security Risk Mitigation in Enterprise Networks that are Decentralized
ID Code:11953
Deposited On:29 January 2008
More Information:statisticsmetis

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item