Table of Contents Author Guidelines Submit a Manuscript
The Scientific World Journal
Volume 2014, Article ID 167497, 6 pages
http://dx.doi.org/10.1155/2014/167497
Research Article

A Cooperative Model for IS Security Risk Management in Distributed Environment

College of Management and Economics, Tianjin University, 92 Weijin Road, Nankai District, Tianjin 300072, China

Received 24 August 2013; Accepted 21 November 2013; Published 19 January 2014

Academic Editors: J. Shu and F. Yu

Copyright © 2014 Nan Feng and Chundong Zheng. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. I. A. Tsoukalas and P. D. Siozos, “Privacy and anonymity in the information society—challenges for the european union,” TheScientificWorldJournal, vol. 11, pp. 458–462, 2011. View at Publisher · View at Google Scholar · View at Scopus
  2. Y. Zhang, X. Deng, D. Wei, and Y. Deng, “Assessment of E-Commerce security using AHP and evidential reasoning,” Expert Systems with Applications, vol. 39, no. 3, pp. 3611–3623, 2012. View at Publisher · View at Google Scholar · View at Scopus
  3. S. Ransbotham and S. Mitra, “Choice and chance: a conceptual model of paths to information security compromise,” Information Systems Research, vol. 20, no. 1, pp. 121–139, 2009. View at Publisher · View at Google Scholar · View at Scopus
  4. B. Bulgurcu, H. Cavusoglu, and I. Benbasat, “Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness,” MIS Quarterly, vol. 34, no. 3, pp. 523–548, 2010. View at Google Scholar · View at Scopus
  5. E. Gal-Or and A. Chose, “The economic incentives for sharing security information,” Information Systems Research, vol. 16, no. 2, pp. 186–208, 2005. View at Publisher · View at Google Scholar · View at Scopus
  6. C.-F. Fan and Y.-C. Yu, “BBN-based software project risk management,” Journal of Systems and Software, vol. 73, no. 2, pp. 193–203, 2004. View at Publisher · View at Google Scholar · View at Scopus
  7. L. Sun, R. P. Srivastava, and T. J. Mock, “An information systems security risk assessment model under the Dempster-Shafer theory of belief functions,” Journal of Management Information Systems, vol. 22, no. 4, pp. 109–142, 2006. View at Publisher · View at Google Scholar · View at Scopus
  8. W. T. Yue, M. Çakanyildirim, Y. U. Ryu, and D. Liu, “Network externalities, layered protection and IT security risk management,” Decision Support Systems, vol. 44, no. 1, pp. 1–16, 2007. View at Publisher · View at Google Scholar · View at Scopus
  9. R. Di Pietro and L. V. Mancini, “Security and privacy issues of handheld and wearable wireless devices,” Communications of the ACM, vol. 46, no. 9, pp. 74–79, 2003. View at Publisher · View at Google Scholar · View at Scopus
  10. P. Ning, Y. Cui, D. S. Reeves, and D. Xu, “Techniques and tools for analyzing intrusion alerts,” ACM Transactions on Information and System Security, vol. 7, no. 2, pp. 274–318, 2004. View at Publisher · View at Google Scholar · View at Scopus
  11. R. Sarathy and K. Muralidhar, “The security of confidential numerical data in databases,” Information Systems Research, vol. 13, no. 4, pp. 389–403, 2002. View at Google Scholar · View at Scopus
  12. N. Li and M. V. Tripunitara, “Security analysis in role-based access control,” ACM Transactions on Information and System Security, vol. 9, no. 4, pp. 391–420, 2006. View at Publisher · View at Google Scholar · View at Scopus
  13. S. Rinderle-Ma and M. Reichert, “Comprehensive life cycle support for access rules in information systems: the CEOSIS project,” Enterprise Information Systems, vol. 3, no. 3, pp. 219–251, 2009. View at Publisher · View at Google Scholar · View at Scopus
  14. L. A. Gordon and M. P. Loeb, “The economics of information security investment,” ACM Transactions on Information and System Security, vol. 5, no. 4, pp. 438–457, 2002. View at Google Scholar
  15. H. S. B. Herath and T. C. Herath, “Investments in information security: a real options perspective with Bayesian postaudit,” Journal of Management Information Systems, vol. 25, no. 3, pp. 337–375, 2009. View at Publisher · View at Google Scholar · View at Scopus
  16. K. Kannan and R. Telang, “Market for software vulnerabilities? Think again,” Management Science, vol. 51, no. 5, pp. 726–740, 2005. View at Publisher · View at Google Scholar · View at Scopus
  17. M. N. Azaiez and V. M. Bier, “Optimal resource allocation for security in reliability systems,” European Journal of Operational Research, vol. 181, no. 2, pp. 773–786, 2007. View at Publisher · View at Google Scholar · View at Scopus
  18. H. Cavusoglu, B. Mishra, and S. Raghunathan, “The effect of internet security breach announcements on market value: capital market reactions for breached firms and internet security developers,” International Journal of Electronic Commerce, vol. 9, no. 1, pp. 69–104, 2004. View at Google Scholar · View at Scopus
  19. N. Feng and M. Li, “An information systems security risk assessment model under uncertain environment,” Applied Soft Computing Journal, vol. 11, no. 7, pp. 4332–4340, 2011. View at Publisher · View at Google Scholar · View at Scopus
  20. N. Feng, H. J. Wang, and M. Li, “A security risk analysis model for information systems: causal relationships of risk factors and vulnerability propagation analysis,” Information Sciences, vol. 256, pp. 57–73, 2014. View at Google Scholar
  21. Q. Yan, “A security evaluation approach for information systems in telecommunication enterprises,” Enterprise Information Systems, vol. 2, no. 3, pp. 309–324, 2008. View at Publisher · View at Google Scholar · View at Scopus
  22. P.-Y. Chen, G. Kataria, and R. Krishnan, “Correlated failures, diversification, and information security risk management,” MIS Quarterly, vol. 35, no. 2, pp. 397–422, 2011. View at Google Scholar · View at Scopus
  23. J. Pearl, Probabilistic Reasoning in Intelligent Systems: Networks of Plausible Inference, Morgan-Kaufmann Publishers, San Mateo, Calif, USA, 1998.