| Autor: |
Sherif M. Saif, Amany AbdElSamea |
| Jazyk: |
angličtina |
| Rok vydání: |
2024 |
| Předmět: |
|
| Zdroj: |
Journal of Electrical Systems and Information Technology, Vol 11, Iss 1, Pp 1-23 (2024) |
| Druh dokumentu: |
article |
| ISSN: |
2314-7172 |
| DOI: |
10.1186/s43067-024-00182-w |
| Popis: |
Abstract Big Data platforms store vast amounts of information, necessitating robust security measures, including risk-based approaches. Risk assessment, a key part of Information Security Management Systems (ISMS), involves evaluating threats, vulnerabilities, and documenting risks through risk registers. Organizations face the challenge of allocating resources effectively to implement controls that mitigate these risks. This involves calculating risk scores before and after control implementation and prioritizing them—an NP-Complete (Nondeterministic Polynomial-time Complete) problem. This paper presents a mathematical model for solving this using the Z3 Satisfiability Modulo Theories (SMT) solver. The model enables risk-based planning for security implementation in big data platforms. The results demonstrate the feasibility of the approach, with the system processing up to 11 risks (almost 40 million permutations) efficiently, compared to brute force methods, which struggle beyond six risks (720 permutations). |
| Databáze: |
Directory of Open Access Journals |
| Externí odkaz: |
|
Full text from SpringerLink