Information Security Governance Analysis using Probabilistic Relational Models
2011 (English)In: Proceedings of the 8th International Workshop on Security in Information Systems, WOSIS 2011, in Conjunction with ICEIS 2011, 2011, 142-150 p.Conference paper (Refereed)
This paper proposes the use of Probabilistic Relational Models (PRM) for analyzing dependencies between Information Security Governance (ISG) components and its impact on process capability of mitigating information security vulnerabilities. Using the PRM enables inference between different ISG components expressed in probabilities, and also inference on the process capability. A concrete PRM which exemplifies how to assess the capability of the access control process is further presented, and thus showing how the PRM can be adapted to fit the analysis of a specific process in an organizational environment.
Place, publisher, year, edition, pages
2011. 142-150 p.
Electrical Engineering, Electronic Engineering, Information Engineering
IdentifiersURN: urn:nbn:se:kth:diva-79636ScopusID: 2-s2.0-84865201171ISBN: 978-989842561-4OAI: oai:DiVA.org:kth-79636DiVA: diva2:495640
8th International Workshop on Security in Information Systems, WOSIS 2011, in Conjunction with ICEIS 2011; Beijing; China; 8 June 2011 through 11 June 2011
QC 201203292012-02-092012-02-092014-09-24Bibliographically approved