Design Issues and Threats in Security Risk Management
Naveen Kumar R, G. Ravindra Babu
Affiliations: 1 Research Scholar, Department of Computer Science and Engineering, Siddhartha Institute of Engineering and Technology, Hyderabad, Telangana, India.
Risk management can be thought of as a process, a theory, a procedure, or a methodology. Its primary objective is to identify assets, vulnerabilities, and threats and then to protect those assets. Risk management is crucial to any organization for the simple reason that it is the best available tool that enables them to determine the level of protection required for their many different assets at the lowest possible cost. A few different approaches have been created for the purpose of managing the risks associated with information security. These methodologies incorporate a variety of strategies, procedures, and perspectives in order to analyze and evaluate risks.
Naveen Kumar R, G. Ravindra Babu. "Design Issues and Threats in Security Risk Management". International Journal of Computer Engineering In Research Trends (IJCERT), ISSN: 2349-7084, Vol. 3, Issue 03, pp. 152-167, March 2016.
Keywords: Risk management, Information Security Management, Management Framework