Risk assessment for large heterogeneous systems

  • Authors:
  • J. W. Freeman; T. C. Darr; R. B. Neely


  • Venue:
  • ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
  • Year:
  • 1997

Abstract

This paper describes a security risk assessment process for large, heterogeneous systems of systems, such as C⁴I or weapon systems. It first defines the characteristics of an effective security risk assessment process. Next, it discusses subsystem-level and top-down risk assessment approaches and describes their advantages and limitations. The paper then presents and discusses the characteristics and benefits of a hybrid top-down system-wide approach, termed a "guided top-down" approach. It summarizes the benefits of this approach, including (i) efficient and effective allocation of risk assessment resources (often scarce) at the subsystem level during development and implementation, and (ii) its ability to provide decision makers with understandable results on which to base an approval-to-operate decision.