论文信息 - From Risk Analysis to Security Requirements

From Risk Analysis to Security Requirements

577 Risk analysis used to play a major role in identifying security controls to protect computer and related infrastructures.Today, the emphasis has moved to the protection of information and it seems as if the traditional way of identifying security controls needs to be modernized. This paper studies the evolution of the computer and related technologies and the protection thereof. It further analyses whether an alternative approach to risk analysis should be used to effectively identify the most suitable security controls to protect information as a resource.

Rossouw von Solms | Mariana Gerber

[1] Robin Moses,et al. Risk analysis and management , 1992 .

[2] Glen Bruce,et al. Security In Distributed Computing: Did You Lock the Door? , 1996 .

[3] John Checkley. Building secure systems , 1992 .

[4] 日本規格協会. 情報セキュリティマネジメントシステム : 仕様及び利用の手引 : 英国規格 : BS7799-2:2002 = Information security management systems : specification with guidance for use : british standards : BS 7799-2:2002 , 2002 .