This study develops an alternative methodology for the risk analysis of information systems security (ISS), an evidential reasoning approach under the Dempster-Shafer theory of belief functions. The approach has the following important dimensions. First, the evidential reasoning approach provides a rigorous, structured manner to incorporate relevant ISS risk factors, related countermeasures, and their interrelationships when estimating ISS risk. Second, the methodology employs the belief function definition of risk; that is, ISS risk is the plausibility of ISS failures. The proposed approach has other appealing features, such as facilitating cost-benefit analyses to help promote efficient ISS risk management. The paper elaborates the theoretical concepts and provides operational guidance for implementing the method. The method is illustrated using a hypothetical example from the perspective of management and a real-world example from the perspective of external assurance providers. Sensitivity analyses are performed to evaluate the impact of important parameters on the model's results.