| Nome: | Descrição: | Tamanho: | Formato: | |
|---|---|---|---|---|
| 231.07 KB | Adobe PDF |
Orientador(es)
Resumo(s)
Choosing an optimal investment in information security is an issue most companies face these days. Which security controls to buy to protect the IT system of a company in the best way? Selecting a subset of security controls among many available ones can be seen as a resource allocation problem that should take into account conflicting objectives and constraints of the problem. In particular, the security of the system should be improved without hindering productivity, under a limited budget for buying controls. In this work, we provide several possible formulations of security controls subset selection problem as a portfolio optimization, which is well known in financial management. We propose approaches to solve them using existing single and multiobjective optimization algorithms.
Descrição
Conference name
Conference on ENTERprise Information Systems/International Conference on Project MANagement/Conference on Health and Social Care Information Systems and Technologies, CENTERIS 2015, Vilamoura, 7 October 2015 - 9 October 2015.
Conference code: 123098
Conference code: 123098
Palavras-chave
multicriteria optimisation portfolio optimization security subset selection
Contexto Educativo
Citação
Yevseyeva, I. & Basto Fernandes, Vitor & Emmerich, Michael & van Moorsel, Aad. (2015). Selecting Optimal Subset of Security Controls. Procedia Computer Science. 64. 1035 - 1042. 10.1016/j.procs.2015.08.625.
Editora
Elsevier