HOME       POLICIES       SUBMISSION        PEOPLE        ARCHIVES         CONFERENCES        CONTACT
ABSTRACT

The growing need for transparency in business negotiations requires greater control of technological risks. However, technological risk assessment tools currently available in the market are imprecise as they are based on the analysis of events that have already passed. The current paper describes a real-time, proactive risk analysis framework. We propose that instead of testing vulnerabilities from an external point of view, agents be incorporated and distributed into “actives” (hardware and software) so as to be able to provide application, confi guration and specifi c localization information. In this manner, changes noted will be divulged by the agent in an immediate and pro-active manner to a central repository. When vulnerabilities are detected, correction processes will be implemented automatically, permitting technological risks to be monitored in real-time.


KEYWORDS

Risk assessment, information security, real time, vulnerability analyst.

ARCHIVES
To return to the Volume/Number webpage, click here.
THE INTERNATIONAL JOURNAL OF FORENSIC COMPUTER SCIENCE - IJoFCS

Volume 2, Number 1, pp 75-88, DOI: 10.5769/J200701006 or http://dx.doi.org/10.5769/J200701006


A Framework for risk assessment of information technology in the corporate environment


By Laerte Peotta, and Paulo Gondim



To download this paper, click here