Search Word(s) in Title, Keywords, Authors, and Abstract:
Injung Kim
A Practical Security Risk Analysis Process and Tool for Information System
YoonJung Chung, InJung Kim and DoHoon Lee
Page: 95~100, Vol. 2, No.2, 2006
None
Keywords: Risk Management, Asset, Threats, Vulnerability, Countermeasure
Show / Hide Abstract
The Plan and Tools for Vulnerability Testing in Information Software-Based System
Injung Kim, Younggyo Lee and Dongho Won
Page: 75~78, Vol. 1, No.1, 2005
None
Keywords: Risk Analysis, Vulnerability, Asset, Threat
Show / Hide Abstract
A Practical Security Risk Analysis Process and Tool for Information System
YoonJung Chung, InJung Kim and DoHoon Lee
Page: 95~100, Vol. 2, No.2, 2006

Keywords: Risk Management, Asset, Threats, Vulnerability, Countermeasure
Show / Hide Abstract
While conventional business administration-based information technology management methods are applied to the risk analysis of information systems, no security risk analysis techniques have been used in relation to information protection. In particular, given the rapid diffusion of information systems and the demand for information protection, it is vital to develop security risk analysis techniques. Therefore, this paper will suggest an ideal risk analysis process for information systems. To prove the usefulness of this security risk analysis process, this paper will show the results of managed, physical and technical security risk analysis that are derived from investigating and analyzing the conventional information protection items of an information system.
The Plan and Tools for Vulnerability Testing in Information Software-Based System
Injung Kim, Younggyo Lee and Dongho Won
Page: 75~78, Vol. 1, No.1, 2005

Keywords: Risk Analysis, Vulnerability, Asset, Threat
Show / Hide Abstract
Although many tests for stabilization of the software have been done, vulnerability test for a system run by combination of the software of various products has not been conducted enough. This has led to increased threats and vulnerability of system. Especially, web-based software system, which is public, has inherent possibility of exposure to attacks and is likely to be seriously damaged by an accident. Consequently, comprehensive and systematic test plans and techniques are required. Moreover, it is necessary to establish a procedure for managing and handling the results of vulnerability test. This paper proposes vulnerability test plans and designs for implementing automated tools, both of which can be complied with on web-based software systems.