Information System Security Risk Management improvement

Authors

  • Wissam ABBASS
  • Amine BAINA
  • Mostafa BELLAFKIH

Keywords:

Information System Security Risk Management; Information System Security Risk alignment; Security modeling; SecureUML; Mal-Activity Diagrams; Misuse Cases; Secure Tropos; Entreprise architecure risk management.

Abstract

Nowadays, the business services of organizations depend widely on Information Systems (IS). However, these systems may face potential failure or risks that could lead to a business failure. Therefore, the Information System Security Risk management (ISSRM) in organizations is ultimate for business success. ISSRM protects the information availability, integrity, and privacy. The aim of this paper is to improve the ISSRM domain model through the security oriented modeling languages and the enterprise architecture. For this purpose, a survey of the ISSRM alignment in comparison with the security modeling languages is first outlined followed by an overview of the enterprise architecture benefits that can positively influence the ISSRM process.

Downloads

Download data is not yet available.

Downloads

Published

2016-04-01

How to Cite

Wissam ABBASS, Amine BAINA, & Mostafa BELLAFKIH. (2016). Information System Security Risk Management improvement. Journal of Network and Innovative Computing, 4, 11. Retrieved from https://cspub-jnic.org/index.php/jnic/article/view/110

Issue

Vol. 4 (2016)

Section

Original Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

You are free to:

  1. Share — copy and redistribute the material in any medium or format for any purpose, even commercially.
  2. Adapt — remix, transform, and build upon the material for any purpose, even commercially.
  3. The licensor cannot revoke these freedoms as long as you follow the license terms.

Under the following terms:

  1. Attribution — You must give appropriate credit , provide a link to the license, and indicate if changes were made . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
  2. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.

Notices:

You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation .

No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.