DocumentCode :
1642799
Title :
Applying ROI Analysis to Support SOA Information Security Investment Decisions
Author :
Buck, Kevin ; Das, Prasant ; Hanf, Diane
Author_Institution :
MITRE Corp., McLean, VA
fYear :
2008
Firstpage :
359
Lastpage :
366
Abstract :
Offering functionality and data in a secure manner poses significant challenges for Government enterprises that are embracing approaches, such as Service- Oriented Architectures (SOA), especially when there is a desire to promote information sharing across functional, organizational, or Community of Interest (COI) boundaries. Many Government organizations evaluate Implementation of security measures against the risk that a particular vulnerability will be exploited by a particular threat. Informed Information security Investment decisions are made based upon analysis of cost, benefit, schedule, performance, and risk tradeoffs. The Investment decision-making space for Information security In a web-based, service-oriented environment is explored in this paper, and methods for evaluating operational, economic and performance implications are considered. This paper discusses the value and practicality of applying Return-on-Investment (ROI) analysis for Government information security investment decision-making, especially when information sharing is a key success driver. Recommendations are based upon preliminary findings of a MITRE Mission-Oriented Investigation and Experimentation (MOIE) effort related to SOA Performance Measures Expression In Performance-Based Acquisition (PBA) Vehicles.
Keywords :
Web services; decision making; government data processing; security of data; software architecture; government organization; information security investment decision making; information sharing; mission-oriented investigation; performance-based acquisition vehicles; return-on-investment analysis; service-oriented architecture; Cost benefit analysis; Data security; Decision making; Government; Information analysis; Information security; Investments; Particle measurements; Semiconductor optical amplifiers; Service oriented architecture;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Technologies for Homeland Security, 2008 IEEE Conference on
Conference_Location :
Waltham, MA
Print_ISBN :
978-1-4244-1977-7
Electronic_ISBN :
978-1-4244-1978-4
Type :
conf
DOI :
10.1109/THS.2008.4534478
Filename :
4534478
Link To Document :
بازگشت