期刊文献+
共找到1篇文章
< 1 >
每页显示 20 50 100
A Framework for Systematic Classification of Assets for Security Testing 被引量:2
1
作者 Sadeeq Jan Omer Bin Tauqeer +5 位作者 Fazal Qudus Khan George Tsaramirsis Awais Ahmad Iftikhar Ahmad Imran Maqsood Niamat Ullah 《Computers, Materials & Continua》 SCIE EI 2021年第1期631-645,共15页
Over the last decade,a significant increase has been observed in the use of web-based Information systems that process sensitive information,e.g.,personal,financial,medical.With this increased use,the security of such... Over the last decade,a significant increase has been observed in the use of web-based Information systems that process sensitive information,e.g.,personal,financial,medical.With this increased use,the security of such systems became a crucial aspect to ensure safety,integrity and authenticity of the data.To achieve the objectives of data safety,security testing is performed.However,with growth and diversity of information systems,it is challenging to apply security testing for each and every system.Therefore,it is important to classify the assets based on their required level of security using an appropriate technique.In this paper,we propose an asset security classification technique to classify the System Under Test(SUT)based on various factors such as system exposure,data criticality and security requirements.We perform an extensive evaluation of our technique on a sample of 451 information systems.Further,we use security testing on a sample extracted from the resulting prioritized systems to investigate the presence of vulnerabilities.Our technique achieved promising results of successfully assigning security levels to various assets in the tested environments and also found several vulnerabilities in them. 展开更多
关键词 SECURITY security testing PRIVACY asset classification
下载PDF
上一页 1 下一页 到第
使用帮助 返回顶部