首页    期刊浏览 2024年11月29日 星期五
登录注册

文章基本信息

  • 标题:INFORMATION SYSTEM SECURITY THREATS CLASSIFICATIONS
  • 本地全文:下载
  • 作者:Gerić, Sandro ; Hutinski, Željko
  • 期刊名称:Journal of Information and Organizational Sciences
  • 印刷版ISSN:1846-3312
  • 电子版ISSN:1846-9418
  • 出版年度:2007
  • 卷号:31
  • 期号:1
  • 页码:51-61
  • 出版社:Faculty of Organization and Informatics University of Zagreb
  • 摘要:Information systems are exposed to different types of security risks. Theconsequences of information systems security (ISS) breaches can vary from e.g. damaging the data base integrity to physical "destruction" of entire information system facilities, and can result with minor disruptions in less important segments of information systems, or with significant interruptions in information systems functionality. The sources of security risks are different, and can origin from inside or outside of information system facility, and can be intentional or unintentional. The precise calculation of loses caused by such incidents is often not possible because a number of small scale ISS incidents are never detected, or detected with a significant time delay, a part of incidents are interpreted as an accidental mistakes, and all that results with an underestimation of ISS risks. This paper addresses the different types and criteria of information system security risks (threats) classification and gives an overview of most common classifications used in literature and in practice. We define a common set of criteria that can be used for information system security threats classification, which will enable the comparison and evaluation of different security threats from different security threats classifications.
  • 关键词:information system security; ISS; security risk; threat; classification; criteria
国家哲学社会科学文献中心版权所有