Benefit-Cost Analysis of Security Systems for Multiple Protected Assets Based on Information Entropy

نویسندگان

  • Jingjing Dai
  • Ruimin Hu
  • Jun Chen
  • Qing Cai
چکیده

This article proposes a quantitative risk assessment for security systems which have multiple protected assets and a risk-based benefit-cost analysis for decision makers. The proposed methodology consists of five phases: identification of assets, security unit and intrusion path, security unit effectiveness estimation, intrusion path effectiveness estimation, security system risk assessment and benefit-cost estimation. Key innovations in this methodology include its use of effectiveness entropy to measure the degree of uncertainty of a security system to complete a protection task, and the fact it measures risk like information theory measures the amount of information. A notional example is provided to demonstrate an application of the proposed methodology.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Entropy-based Consensus for Distributed Data Clustering

The increasingly larger scale of available data and the more restrictive concerns on their privacy are some of the challenging aspects of data mining today. In this paper, Entropy-based Consensus on Cluster Centers (EC3) is introduced for clustering in distributed systems with a consideration for confidentiality of data; i.e. it is the negotiations among local cluster centers that are used in t...

متن کامل

A New Model for Best Customer Segment Selection Using Fuzzy TOPSIS Based on Shannon Entropy

In today’s competitive market, for a business firm to win higher profit among its rivals, it is of necessity to evaluate, and rank its potential customer segments to improve its Customer Relationship Management (CRM). This brings the importance of having more efficient decision making methods considering the current fast growing information era. These decisions usually involve several criteria,...

متن کامل

Exploring the Type of Relationship between Information Security Management and Organizational Culture (Case Study in TAM Iran Khodro Co.)

A culture conducive to information security practice is extremely important for organizations since information has to be critical assets in modern enterprises. Thus for understanding and improving the organizational behavior with regard to information security, enterprises may look into organizational culture and examine how it affects the effectiveness of implementing ISM. This study aims ...

متن کامل

Exploring the Type of Relationship between Information Security Management and Organizational Culture (Case Study in TAM Iran Khodro Co.)

A culture conducive to information security practice is extremely important for organizations since information has to be critical assets in modern enterprises. Thus for understanding and improving the organizational behavior with regard to information security, enterprises may look into organizational culture and examine how it affects the effectiveness of implementing ISM. This study aims ...

متن کامل

A New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks

By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Entropy

دوره 14  شماره 

صفحات  -

تاریخ انتشار 2012