| Title | CRAC: Confidentiality Risk Assessment and IT-Infrastructure Comparison |
|---|---|
| Author | Morali, Ayse; Zambon, Emmanuele; Etalle, Sandro; Wieringa, Roel |
| Date | 2010-09 |
| Publisher | Springer Verlag |
| Abstract | In this paper we present CRAC, an IT infrastructure-based method for assessing and comparing confidentiality risks of IT based collaborations. The method determines confidentiality risks by taking into account the effects of the leakage of confidential information (e.g. industrial secrets and user credentials), and the paths that may be followed by different attackers (e.g. insider, outsider and outsourcer). We also show how the CRAC-method can be applied in practice and we evaluate its effectiveness by applying it to a real-world outsourcing case. |
| Publication | http://purl.utwente.nl/publications/71369 |
| Persistent Identifier | URN:NBN:NL:UI:28-71369 |
| Metadata | XML |
| Repository | University of Twente |
Go to page top
Go back to contents
Go back to site navigation