Abstract
Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively.
Highlights
With the increasing of collaboration between organizations, the management of information systems (IS) security risk is distributed across the allied organizations and the cooperative activities between organizations are imperative [1,2,3,4]
For more effectively assessing the security risk level of the IS in a distributed environment, it is critical to develop a system for the exchange of security information among the interconnected IS
How to achieve the flexible exchange of security information under distributed environment is a significant challenge in the process of modelling [5]
Summary
College of Management and Economics, Tianjin University, 92 Weijin Road, Nankai District, Tianjin 300072, China. Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. We develop a cooperative model for IS security risk management in a distributed environment. The exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). For an organization’s IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm’s information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
