Table of Contents Author Guidelines Submit a Manuscript
The Scientific World Journal
Volume 2014, Article ID 167497, 6 pages
http://dx.doi.org/10.1155/2014/167497
Research Article

A Cooperative Model for IS Security Risk Management in Distributed Environment

College of Management and Economics, Tianjin University, 92 Weijin Road, Nankai District, Tianjin 300072, China

Received 24 August 2013; Accepted 21 November 2013; Published 19 January 2014

Academic Editors: J. Shu and F. Yu

Copyright © 2014 Nan Feng and Chundong Zheng. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Abstract

Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization’s IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm’s information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively.