A Study on the Impact Analysis of Security Flaws between Security Controls: An Empirical Analysis of K-ISMS using Case-Control Study
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, Hwankuk | - |
dc.contributor.author | Lee, Kyungho | - |
dc.contributor.author | Lim, Jongin | - |
dc.date.accessioned | 2021-09-03T01:03:55Z | - |
dc.date.available | 2021-09-03T01:03:55Z | - |
dc.date.created | 2021-06-19 | - |
dc.date.issued | 2017-09-30 | - |
dc.identifier.issn | 1976-7277 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/82178 | - |
dc.description.abstract | The measurement of information security levels is a very important but difficult task. So far, various measurement methods have studied the development of new indices. Note, however, that researches have focused on the problem of attaining a certain level but largely neglecting research focused on the issue of how different types of possible flaws in security controls affect each other and which flaws are more critical because of these effects. Furthermore, applying the same weight across the board to these flaws has made it difficult to identify the relative importance. In this paper, the interrelationships among security flaws that occurred in the security controls of K-ISMS were analyzed, and the relative impact of each security control was measured. Additionally, a case-control study was applied using empirical data to eliminate subjective bias as a shortcoming of expert surveys and comparative studies. The security controls were divided into 2 groups depending on whether or not a security flaw occurs. The experimental results show the impact relationship and the severity among security flaws. We expect these results to be applied as good reference indices when making decisions on the removal of security flaws in an enterprise | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | KSII-KOR SOC INTERNET INFORMATION | - |
dc.subject | INFORMATION SECURITY | - |
dc.subject | MANAGEMENT | - |
dc.title | A Study on the Impact Analysis of Security Flaws between Security Controls: An Empirical Analysis of K-ISMS using Case-Control Study | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Lee, Kyungho | - |
dc.contributor.affiliatedAuthor | Lim, Jongin | - |
dc.identifier.doi | 10.3837/tiis.2017.09.022 | - |
dc.identifier.scopusid | 2-s2.0-85030839368 | - |
dc.identifier.wosid | 000412054600022 | - |
dc.identifier.bibliographicCitation | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, v.11, no.9, pp.4588 - 4608 | - |
dc.relation.isPartOf | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS | - |
dc.citation.title | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS | - |
dc.citation.volume | 11 | - |
dc.citation.number | 9 | - |
dc.citation.startPage | 4588 | - |
dc.citation.endPage | 4608 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.identifier.kciid | ART002346862 | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.description.journalRegisteredClass | kci | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordPlus | INFORMATION SECURITY | - |
dc.subject.keywordPlus | MANAGEMENT | - |
dc.subject.keywordAuthor | Information Security Management | - |
dc.subject.keywordAuthor | ISMS | - |
dc.subject.keywordAuthor | Risk Management | - |
dc.subject.keywordAuthor | Case-Control Study | - |
dc.subject.keywordAuthor | Security | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
(02841) 서울특별시 성북구 안암로 14502-3290-1114
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.