We apologize for a recent technical issue with our email system, which temporarily affected account activations. Accounts have now been activated. Authors may proceed with paper submissions. PhDFocusTM
CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

Security Metrics for a Business Information System

Published on December 2013 by T. Chandrakumar, S. Parthasarathy, R Maragathameena, S Arun Raj Pandian
journal_cover_thumbnail

International Conference on Computing and information Technology 2013
Foundation of Computer Science USA
IC2IT - Number 1
December 2013
Authors: T. Chandrakumar, S. Parthasarathy, R Maragathameena, S Arun Raj Pandian
a8ea93b5-70e8-4790-91b1-797d8cd2fb5d

T. Chandrakumar, S. Parthasarathy, R Maragathameena, S Arun Raj Pandian . Security Metrics for a Business Information System. International Conference on Computing and information Technology 2013. IC2IT, 1 (December 2013), 33-38.

@article{
author = { T. Chandrakumar, S. Parthasarathy, R Maragathameena, S Arun Raj Pandian },
title = { Security Metrics for a Business Information System },
journal = { International Conference on Computing and information Technology 2013 },
issue_date = { December 2013 },
volume = { IC2IT },
number = { 1 },
month = { December },
year = { 2013 },
issn = 0975-8887,
pages = { 33-38 },
numpages = 6,
url = { /proceedings/ic2it/number1/14389-1308/ },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Proceeding Article
%1 International Conference on Computing and information Technology 2013
%A T. Chandrakumar
%A S. Parthasarathy
%A R Maragathameena
%A S Arun Raj Pandian
%T Security Metrics for a Business Information System
%J International Conference on Computing and information Technology 2013
%@ 0975-8887
%V IC2IT
%N 1
%P 33-38
%D 2013
%I International Journal of Computer Applications
Abstract

The notion of security metrics is a very significant aspect for Enterprise information System (BIS). Information Security metrics are often underused and in some cases unseen, anyway could be a profitable instrument in assembling better enterprise security. This information aides measure the day by day impact and quality of current defends and shows the quality of these functions through all business methodologies. This paper discusses a ASPIRE methodical approach to identify the right metrics to measure security preparedness and move toward a strong justification for information security investment and better enterprise outcomes.

References
  1. Tashi I. , "Security metrics to improve information security management", In Proceedings of the 6th Annual Security Conference, April 11-12, 2007, Las Vegas, NV.
  2. Johansson, Erik. ," Assessment of Enterprise Information Security",2010.
  3. Barabanov R. , "Information Security Metrics State of the Art", DSV Report series, Mar 25, 2011.
  4. Chaula A and Kowalski S. , "security metrics and evaluation of information Systems security", SIDA Sponsored Research Project, 2010.
  5. Swanson M and Bartol N. , "Security Metrics guide for Information Technology Systems", Available at: http://csrc. nist. gov/csspab/june13-15/sec-metrics. html
  6. Rathbun D. , "Gathering Security Metrics and Reaping the Rewards", October 2009.
  7. Shivani G and Ravi K. , "Vulnerability Management for an Enterprise Resource Planning System", International Journal of Computer Applications, Volume 53– No. 4, September 2012.
  8. Marte T. , "Information Security Metrics An Empirical Study of Current Practice", Specialization Project, Trondheim, December 2012.
  9. Patriciu V and Priescu L. , "Security Metrics For Enterprise Information Systems", Journal of Applied Quantitative Methods, Vol. 1, 2006.
  10. Johansson,Erik. ," Assessment of enterprise information security",EDOC Enterprise Computing Conference, 2005
  11. Vaughn Jr. , Rayford B. ," Information assurance measures and metrics", International Conference on System sciences ,2012.
  12. Marnewic C. , "A Security Framework For An Erp System", International Conference on Information Systems, Dec 2011.
  13. Liu,L. ," Security and privacy requirements analysis within a social setting",Requirements Engineering Conference, 2003.
  14. Theodosios Tsiakis. ,"The economic approach of information security",2009.
  15. Reijo M. Savola. ," Quality of security metrics and measurements", Computers & Security Volume 37, September 2013, Pages 78–90
  16. Patil J. , "Information Security Framework: Case Study of A Manufacturing Organization", 2008.
  17. VV Patriciu, I. Priescu, S. Nicol?escu, Security Monitoring - An Advanced Tactic for Network Security Management, Communications 2006 Conference, Bucharest, Romania , 2006
  18. VV Patriciu, I. Priescu, S. Nicol?escu, Operational Security Metrics for Large Networks, International Conference on Computers, Communications & Control (ICCC 2006) - Oradea, Romania, 2012
  19. ISO/IEC. Information Technology - Security Techniques, Code of practice for information security management (final draft), ISO, 2010.
  20. Erland Jonsson and Laleh Pirzadeh. ," A framework for security metrics based on operational system attributes", Third International Workshop, 2011.
  21. Theodosios Tsiakis," Information Security Expenditures: a Techno-Economic Analysis"International Journal of Computer Science and Network Security, VOL. 10 No. 4, April 2010.
  22. Chad Robinson," Collecting Effective Security Metrics" CSO Analyst Reports, 2012.
  23. Juan wang, haowang. " Security metrics for software systems", 47th Annual Southeast Regional Conference, 2009.
  24. G. Hinson, "Seven myths about information security metrics," ISSA Journal, Jul. 2010.
  25. D. A. Chapin and S. Akridge, "How can security be measured?" Information Systems Control Journal, 2011.
  26. R. Savola, "A security metrics taxonomization model for software-intensive systems," Journal of Information Processing Systems, Vol. 5, No. 4, 2009, 10 p.
  27. ISO/IEC International Standard 17799:2000 Code of practice for information security management, 2000.
  28. Johnson P. , et al. , "Using Enterprise Architecture for CIO Decision-Making: On the importance of theory", Proceedings of the 2nd Annual Conference on Systems Engineering Research (CSER), April 15-16, 2004.
  29. Johansson E. , et al. , "Assessment of EIS - An ATD Definition", Proceedings of the 3rd Annual Conference on Systems Engineering Research (CSER), March 23-25, 2005.
  30. Johansson E. , et al. , "Assessment of Enterprise Information Security – The Importance of Information Search Cost", Hawaii International Conference on System Sciences (HICSS), January 4-7, 2010.
  31. NIST Special Publication 800-26, "Security Self-Assessment Guide for Information Technology Systems", National Institute of Standards and Technology, 2011
Index Terms

Computer Science
Information Sciences

Keywords

Information Security Security Metrics Business Information Systems (bis)