Volume 10 Issue 3 - May 2018

  • 1. Conditional risk assessment based on software vulnerability with cvss

    Authors : Hyunchul Joh

    Pages : 102-111

    DOI : http://dx.doi.org/10.21172/1.103.19

    Keywords : Risk AssessmentSoftware VulnerabilityCommon Vulnerability Scoring System (CVSS)Conditional risk

    Abstract :

    Many organizations are cautious about their ICT computational task environments regardless of their sizes because computer security accidents often cause numerous financial compensations with major damages on their reputations and painful law suits. However, it is next to impossible to remove all the possible ICT security vulnerabilities completely from their workplaces. Fortunately, we still can improve the unsecure computing environments by measuring risk levels and trying to reduce the risk values one by one. In this paper, we propose a novel concept of how to measure ICT risk values based on multiple software vulnerabilities in a target organization. A final produced ICT risk value from an organization that we are considering is a specific number so that risk levels could be compared one another. It is expected that ICT department managers could utilize the result from this research to estimate potential risk levels in their workplaces.

    Citing this Journal Article :

    Hyunchul Joh, "Conditional risk assessment based on software vulnerability with cvss", https://www.ijltet.org/journal_details.php?id=932&j_id=4609, Volume 10 Issue 3 - May 2018, 102-111, #ijltetorg