Establishing the business value of network security using analytical hierarchy process
作者: Susan J. Chinburg , Ramesh Sharda , Mark Weiser
DOI: 10.4018/978-1-59140-038-7.CH009
关键词:
摘要: Information technology (IT) has become a critical functionality for business today. Choosing the appropriate network security that will protect IT functions and meet needs can be bewildering but necessary process. The problem is deciding what how much to do. objective of this paper propose new process facilitate mapping business's priorities using well-known classification schemes decision support systems. Establishing relationship between such diverse requires two areas described in terms related. Network services mechanisms provide Open System Interconnection (OSI) Security Architecture classification. Business value activities are Michael Porter's chain. First, each area subjectively related establish an initial functionality/business relationship. Second, tool called analytic hierarchy (AHP) used analytical more schemes. result work prioritized list instead just being driven by technological criteria. An example illustrates concept paper. To best authors knowledge, first application AHP decision-making choosing needs.
irma-international.org参考文章(39)
R. Oppliger, Internet security enters the Middle Ages IEEE Computer. ,vol. 28, pp. 100- 101 ,(1995) , 10.1109/2.467613
Elisa Bertino, Elena Ferrari, Vijay Atluri, The specification and enforcement of authorization constraints in workflow management systems ACM Transactions on Information and System Security. ,vol. 2, pp. 65- 104 ,(1999) , 10.1145/300830.300837
Stuart G. Stubblebine, Paul F. Syverson, David M. Goldschlag, Unlinkable serial transactions: protocols and applications ACM Transactions on Information and System Security. ,vol. 2, pp. 354- 389 ,(1999) , 10.1145/330382.330384
Michael K. Reiter, Stuart G. Stubblebine, Authentication metric analysis and design ACM Transactions on Information and System Security. ,vol. 2, pp. 138- 158 ,(1999) , 10.1145/317087.317088
Larry L. Peterson, Oliver Spatscheck, Defending against denial of service attacks in Scout operating systems design and implementation. pp. 59- 72 ,(1999) , 10.5555/296806.296811
R. Oppliger, Shaping the research agenda for security in e-commerce database and expert systems applications. pp. 810- 814 ,(1999) , 10.1109/DEXA.1999.795287
Rolf Oppliger, Internet and Intranet Security ,(1998)
Ralf Hauser, Tony Przygienda, Gene Tsudik, Lowering security overhead in link state routing Computer Networks. ,vol. 31, pp. 885- 894 ,(1999) , 10.1016/S1389-1286(98)00022-X
Shai Halevi, Hugo Krawczyk, Public-key cryptography and password protocols computer and communications security. pp. 122- 131 ,(1998) , 10.1145/288090.288118
Rolf Oppliger, Internet security: firewalls and beyond Communications of The ACM. ,vol. 40, pp. 92- 102 ,(1997) , 10.1145/253769.253802