2021-03-05T07:42:25Z
http://oa.upm.es/cgi/oai2
oai:oa.upm.es:26123
2014-09-22T11:39:55Z
7374617475733D756E707562
7375626A656374733D696E666F726D6174696361
747970653D636F6E666572656E63655F6974656D
A fuzzy approach to risk analysis in information systems
Vicente Cestero, Eloy
Jiménez Martín, Antonio
Mateos Caballero, Alfonso
Computer Science
Assets are interrelated in risk analysis methodologies for information systems promoted by international standards. This means that an attack on one asset can be propagated through the network and threaten an organization's most valuable assets. It is necessary to valuate all assets, the direct and indirect asset dependencies, as well as the probability of threats and the resulting asset degradation. These methodologies do not, however, consider uncertain valuations and use precise values on different scales, usually percentages. Linguistic terms are used by the experts to represent assets values, dependencies and frequency and asset degradation associated with possible threats. Computations are based on the trapezoidal fuzzy numbers associated with these linguistic terms.
Facultad de Informática (UPM)
http://creativecommons.org/licenses/by-nc-nd/3.0/es/
2013
info:eu-repo/semantics/conferenceObject
Presentation at Congress or Conference
ICORES 2013: proceedings of the 2nd International Conference on Operations Research and Enterprise Systems | Proceedings of the 2nd International Conference on Operations Research and Enterprise Systems | 16-18 Feb 2013 | Barcelona, España
PeerReviewed
application/pdf
eng
http://www.icores.org/?y=2013
info:eu-repo/semantics/openAccess
http://oa.upm.es/26123/