发明名称 |
System and method for modeling information security risk |
摘要 |
A system and method for modeling information security risk to an enterprise are disclosed. The method includes providing multiple input media, each of which forms a vector of risk severity in a dimension characterizing the information security risk. Each vector is of a dimension distinct from that of each other vector. The input media are user interactive for providing input to a computer in a network environment. The input includes data corresponding to the magnitude and dimension of each of the vectors. Upon receiving the input, the vectors are processed to output a model of the information security risk. Each risk can be modeled from the perspective of at least two dimensions, one related to a technical exploitation aspect of the risk, and the other related to a risk aspect associated with business impact. The input media can be a web based application.
|
申请公布号 |
US2006117388(A1) |
申请公布日期 |
2006.06.01 |
申请号 |
US20040993633 |
申请日期 |
2004.11.18 |
申请人 |
NELSON CATHERINE B;BHARANIA RAKESH C |
发明人 |
NELSON CATHERINE B.;BHARANIA RAKESH C. |
分类号 |
G06F11/00;G06F11/22;G06F11/30;G06F11/32;G06F11/34;G06F11/36;G06F12/14;G06F12/16;G06F15/18;G08B23/00 |
主分类号 |
G06F11/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|