Title :
Information Security Risk Assessment Model Based on OCTAVE for E-Government
Author :
Chen Xin-ming ; Wen Ning
Author_Institution :
Inf. Dept., Hunan Univ. of Commerce, Changsha, China
Abstract :
Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE) is introduced, together with its feasibility and deficiency when used in information security risk assessing for E-Government. AHP is imported to build a Risk Assessment Model of Information Security for E-Government based on OCTAVE, the value of information assets is defined by significance, confidentiality, integrality and usability, the risk assessment procedure is divided into four phases including assets evaluation, threats evaluation, vulnerability evaluation and risk measuring, the general risk value of information assets can be calculated and its risk level can be determined. At last, a case study is given to show the feasibility of the risk assessment model.
Keywords :
government data processing; risk management; security of data; OCTAVE; e-government; information security risk assessment model; operationally critical threat asset and vulnerability evaluation; Electronic government; Information security; Risk management; Servers;
Conference_Titel :
Internet Technology and Applications, 2010 International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-5142-5
Electronic_ISBN :
978-1-4244-5143-2
DOI :
10.1109/ITAPP.2010.5566571
