To read the full version of this content please select one of the options below:

Study on sensitive information leakage vulnerability modeling

Sung-Hwan Kim (College of Information Communication Engineering, Sungkyunkwan University, Suwon, Republic of Korea)
Nam-Uk Kim (College of Information Communication Engineering, Sungkyunkwan University, Suwon, Republic of Korea)
Tai-Myoung Chung (College of Information Communication Engineering, Sungkyunkwan University, Suwon, Republic of Korea)

Kybernetes

ISSN: 0368-492X

Article publication date: 12 January 2015

Abstract

Purpose

The purpose of this paper is to provide a model for quantitatively analyzing the security profile of an organization’s IT environment. The model considers the security risks associated with stored data, as well as services and devices that can act as channels for data leakages. The authors propose a sensitive information (SI) leakage vulnerability model.

Design/methodology/approach

Factors identified as having an impact on the security profile are identified, and scores are assigned based on detailed criteria. These scores are utilized by mathematical models that produce a vulnerability index, which indicates the overall security vulnerability of the organization. In this chapter, the authors verify the model result extracted from SI leakage vulnerability weak index by applying the proposed model to an actual incident that occurred in South Korea in January 2014.

Findings

The paper provides vulnerability result and vulnerability index. They are depends on SI state in information systems.

Originality/value

The authors identify and define four core variables related to SI leakage: SI, security policy, and leakage channel and value of SI. The authors simplify the SI leakage problem. The authors propose a SI leakage vulnerability model.

Keywords

Citation

Kim, S.-H., Kim, N.-U. and Chung, T.-M. (2015), "Study on sensitive information leakage vulnerability modeling", Kybernetes, Vol. 44 No. 1, pp. 77-88. https://doi.org/10.1108/K-05-2014-0106

Publisher

:

Emerald Group Publishing Limited

Copyright © 2015, Emerald Group Publishing Limited