期刊名称:International Journal of Advanced Computer Science and Applications(IJACSA)
印刷版ISSN:2158-107X
电子版ISSN:2156-5570
出版年度:2016
卷号:7
期号:12
DOI:10.14569/IJACSA.2016.071221
出版社:Science and Information Society (SAI)
摘要:Risk scoring models assume that confidentiality evaluation is based on user estimations. Confidentiality evaluation incorporates the impacts of various factors including systems' technical configuration, on the processes relating to users' confidentiality. The assumption underlying this research is that system users are not capable of estimating systems' confidentiality since they lack the knowledge on the technical structure. According to the proposed model, systems' confidentiality is calculated using technical information of systems' components. The proposed model evaluates confidentiality based on quantitative metrics rather than qualitative estimates which are currently being used. Frameworks' presentation includes system design, an algorithm calculating confidentiality measures and an illustration of risk scoring computations.
关键词:thesai; IJACSA Volume 7 Issue 12; information security; risk management; continuous monitoring; vulnerability; confidentiality; risk assessment; access control; authorization system
