Abstract
For various IT systems security is considered a key quality factor. In particular, it might be crucial for video surveillance systems, as their goal is to provide continuous protection of critical infrastructure and other facilities. Risk assessment is an important activity in security management; it aims at identifying assets, threats and vulnerabilities, and at analysing implemented countermeasures and their effectiveness in mitigating risks. This paper discusses an application of a new risk assessment method, in which risk calculation is based on Fuzzy Cognitive Maps (FCMs), to a complex automated video surveillance system. FCMs are used to capture dependencies between assets, and FCM-based reasoning is applied to aggregate risks assigned to lower-level assets (e.g. cameras, hardware, software modules, communications, people) to such high-level assets as services, maintained data and processes. Lessons learned indicate that the proposed method is an efficient and low-cost approach, giving instantaneous feedback and enabling reasoning on the effectiveness of the security system.
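The aggregation idea described in the abstract can be illustrated with a generic FCM update rule. This is an added example, not code or parameters from the paper: the asset names, influence weights, leaf risk values, the tanh activation and the clamping of leaf assets are all assumptions chosen for illustration.

```python
import math

# Constructed asset graph (assumption): WEIGHTS[src][dst] is the strength with
# which risk at `src` influences `dst`. Lower-level assets feed higher-level ones.
WEIGHTS = {
    "camera":            {"video_stream": 0.8},
    "network":           {"video_stream": 0.6, "archive": 0.3},
    "analysis_sw":       {"detection_service": 0.9},
    "operator":          {"detection_service": 0.4},
    "video_stream":      {"detection_service": 0.7, "archive": 0.5},
    "archive":           {},
    "detection_service": {},
}

def squash(x):
    """Bounded activation (assumed): keeps aggregated risk in [0, 1)."""
    return math.tanh(max(x, 0.0))

def aggregate(leaf_risk, weights=WEIGHTS, max_iter=50, eps=1e-6):
    """Generic FCM iteration: A_i(t+1) = f(sum_j w_ji * A_j(t)).

    Assets listed in leaf_risk are clamped to their assessed value; all other
    assets are recomputed from their influencing assets until the map is stable.
    """
    state = {n: leaf_risk.get(n, 0.0) for n in weights}
    for _ in range(max_iter):
        incoming = {n: 0.0 for n in weights}
        for src, edges in weights.items():
            for dst, w in edges.items():
                incoming[dst] += w * state[src]
        new = {n: leaf_risk[n] if n in leaf_risk else squash(incoming[n])
               for n in weights}
        if max(abs(new[n] - state[n]) for n in weights) < eps:
            return new
        state = new
    return state

# Constructed leaf risk scores (assumption), before and after a countermeasure
# that lowers the camera risk; the change propagates to the high-level assets.
BASELINE = {"camera": 0.6, "network": 0.3, "analysis_sw": 0.2, "operator": 0.1}
MITIGATED = dict(BASELINE, camera=0.1)

if __name__ == "__main__":
    for label, leaves in (("baseline", BASELINE), ("mitigated", MITIGATED)):
        result = aggregate(leaves)
        print(label, {k: round(v, 3) for k, v in result.items()})
```

Re-running the map with a changed leaf value is what gives the quick feedback on countermeasure effectiveness that the abstract mentions.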
Highlights
For various IT systems security is considered a key quality factor. It might be crucial for video surveillance systems, as their goal is to provide continuous protection of critical infrastructure and other important facilities
The salient difference is the use of a Fuzzy Cognitive Maps (FCMs) model capturing influences between assets and allowing their dependencies to be tracked during risk aggregation
Regardless of the method used, the benefit of making a risk assessment is that the whole process involves asking questions related to architectural decisions
Summary
For various IT systems security is considered a key quality factor. In particular, it might be crucial for video surveillance systems, as their goal is to provide continuous protection of critical infrastructure and other important facilities. Risk assessment is a key process in the management of IT systems security. It can be considered an extensive study of assets, threats and vulnerabilities, likelihoods of their occurrences, potential losses and theoretical effectiveness of security measures [24]. Several risk assessment processes are defined by over 15 standards or methods [18], including the most popular: ISO/IEC 27005 [31], NIST 800-30 [46] and CRAMM [17]. The standards, apart from defining risk scoring methods, specify organizational foundations for performing risk assessment in the broader context of IT security risk management.