Table of Contents Author Guidelines Submit a Manuscript
Journal of Computer Networks and Communications
Volume 2012 (2012), Article ID 151205, 20 pages
http://dx.doi.org/10.1155/2012/151205
Research Article

System Health Monitoring Using a Novel Method: Security Unified Process

1Départment de Genie Informatique et Génie Logiciel, École Polytechnique de Montréal, P.O. Box 6079, Succ. Downtown, Montreal, QC, Canada H3C 3A7
2Department of Computer Engineering & Information Technology, Amirkabir University of Technology, 424 Hafez Avenue, Tehran, Iran

Received 17 October 2011; Revised 12 March 2012; Accepted 16 March 2012

Academic Editor: Lixin Gao

Copyright © 2012 Alireza Shameli-Sendi et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. M. Dey, “Information security management—a practical approach,” in Proceedings of the IEEE AFRICON, pp. 1–6, September 2007. View at Publisher · View at Google Scholar · View at Scopus
  2. ISO, “Information technology Security techniques Information security management systems Requirements,” ISO/IEC 27001, 2005.
  3. J. Eloff and M. Eloff, “Information security management—a new paradigm,” in Proceedings of the SAICSIT, pp. 130–136, 2003.
  4. J. S. Broderick, “ISMS, security standards and security regulations,” Information Security Technical Report, vol. 11, no. 1, pp. 26–31, 2006. View at Publisher · View at Google Scholar · View at Scopus
  5. L. Chung, “Dealing with security requirements during the development of information systems,” in Proceedings of the 5th International Conference on Advanced Information Systems Engineering (CAiSE '93), pp. 234–251, Paris, France, 1993.
  6. S. Kondakci, “A new assessment and improvement model of risk propagation in information security,” International Journal of Information and Computer Security, vol. 1, no. 3, pp. 341–366, 2007. View at Google Scholar
  7. S. Kondakci, “A causal model for information security risk assessment,” in Proceedings of the 6th International Conference on Information Assurance and Security, pp. 143–148, IEEE Computer Society, 2010.
  8. S. Kondakci, “Network security risk assessment using bayesian belief networks,” in Proceedings of the 2nd IEEE International Conference on Social Computing, IEEE International Conference on Privacy, Security, Risk and Trust, pp. 952–960, IEEE Computer Society, August 2010. View at Publisher · View at Google Scholar · View at Scopus
  9. S. Kondakci, “A recursive method for validating and improving network security solutions,” in Proceedings of the International Conference on Security of Information and Networks (SIN '07), pp. 74–83, Trafford Publishing, 2007.
  10. C. Pak, “The near real time statistical asset priority driven (NRTSAPD) risk assessment methodology,” in Proceedings of the 9th ACM SIG-Information Technology Education Conference (SIGITE '08), pp. 105–112, ACM, October 2008, New York, NY, USA. View at Publisher · View at Google Scholar · View at Scopus
  11. C. Pak and J. Cannady, “Asset priority risk assessment using hidden Markov models,” in Proceedings of the 10th ACM Special Interest Group for Information Technology Education (SIGITE '09), pp. 65–73, Fairfax, Va, USA, October 2009. View at Publisher · View at Google Scholar · View at Scopus
  12. C. Xiaolin, T. Xiaobin, Z. Yong, and X. Hongsheng, “A markov game theory-based risk assessment model for network information system,” in Proceedings of the International Conference on Computer Science and Software Engineering (CSSE '08), pp. 1057–1061, December 2008. View at Publisher · View at Google Scholar · View at Scopus
  13. B. C. Guan, C. C. Lo, P. Wang, and J. S. Hwang, “Evaluation of information security related risks of an organization—the application of the multi-criteria decision-making method,” in Proceedings of the 37th IEEE Annual International Carnahan Conference on Security Technology, pp. 168–175, October 2003. View at Scopus
  14. Y. M. Wang and T. M. S. Elhag, “Fuzzy TOPSIS method based on alpha level sets with an application to bridge risk assessment,” Expert Systems with Applications, vol. 31, no. 2, pp. 309–319, 2006. View at Publisher · View at Google Scholar · View at Scopus
  15. S. Kondakci, “A composite network security assessment,” in Proceedings of the 4th International Conference on Information Assurance and Security, pp. 249–254, IEEE Computer Society, 2008.
  16. M. Hamdi and N. Boudriga, “Algebraic specification of network security risk management,” in Proceedings of the ACM Workshop on Formal Methods in Security Engineering (FMSE '03), pp. 52–60, October 2003. View at Scopus
  17. L. Muller, M. Magee, P. Marounek, and A. Philipson, “IBM IT governance approach-business performance through IT execution,” 2008, http://www.redbooks.ibm.com/abstracts/sg247517.html.
  18. IBM Rational Unified Process (RUP), http://www-01.ibm.com/software/awdtools/rup.
  19. P. Kroll and P. Kruchten, Rational Unified Process Made Easy: A Practitioner's Guide to the RUP, Addison-Wesley, Boston, Mass, USA, 2003.
  20. C. Larman and V. R. Basili, “Iterative and incremental development: a brief history,” Computer, vol. 36, no. 6, pp. 47–56, 2003. View at Publisher · View at Google Scholar · View at Scopus
  21. A. Shameli-Sendi, M. Jabbarifar, M. Shajari, and M. Dagenais, “FEMRA: fuzzy expert model for risk assessment,” in Proceedings of the 5th International Conference on Internet Monitoring and Protection, pp. 48–53, Barcelona, Spain, 2010.
  22. K. Haslum, A. Abraham, and S. Knapskog, “Fuzzy online risk assessment for distributed intrusion prediction and prevention systems,” in Proceedings of the 10th International Conference on Computer Modeling and Simulation, pp. 216–223, IEEE Computer Society Press, Cambridge, UK, 2008.
  23. G. Stoneburner, A. Goguen, and A. Feringa, “Risk management guide for information technology systems,” http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf.
  24. J. A. Zachman, “The Zachman framework,” http://www.zachmaninternational.com/.