Visible to the public Biblio

Filters: Keyword is risk minimization  [Clear All Filters]
2020-04-03
Kozlov, Aleksandr, Noga, Nikolai.  2019.  The Method of Assessing the Level of Compliance of Divisions of the Complex Network for the Corporate Information Security Policy Indicators. 2019 Twelfth International Conference "Management of large-scale system development" (MLSD). :1—5.

The method of assessment of degree of compliance of divisions of the complex distributed corporate information system to a number of information security indicators is offered. As a result of the methodology implementation a comparative assessment of compliance level of each of the divisions for the corporate information security policy requirements may be given. This assessment may be used for the purpose of further decision-making by the management of the corporation on measures to minimize risks as a result of possible implementation of threats to information security.

2018-06-07
Rullo, A., Serra, E., Bertino, E., Lobo, J..  2017.  Shortfall-Based Optimal Security Provisioning for Internet of Things. 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS). :2585–2586.

We present a formal method for computing the best security provisioning for Internet of Things (IoT) scenarios characterized by a high degree of mobility. The security infrastructure is intended as a security resource allocation plan, computed as the solution of an optimization problem that minimizes the risk of having IoT devices not monitored by any resource. We employ the shortfall as a risk measure, a concept mostly used in the economics, and adapt it to our scenario. We show how to compute and evaluate an allocation plan, and how such security solutions address the continuous topology changes that affect an IoT environment.